Re: spojení spamassassin a sendmail

Dalibor Toman dtoman na fortech.cz
Čtvrtek Březen 11 10:36:55 CET 2004 

On Thursday, March 11, 2004 10:16 AM [CET], Ing. Pavel Janousek
<Janousek na FoNet.Cz> wrote:

>> -----Original Message-----
>> From: Dalibor Toman [mailto:dtoman na fortech.cz]
>> doporucuji pouti Milter interface sendmailu. Lze tak odmitat zpravy
>> jeste na urovni SMTP (cili zahodim zpravu s virem a odesilajicimu
MTA
>> nahlasim neco ve smyslu '550 Virus xy found' at si to preberesam
>> (vyrobi bounce atd)
>
> To jsou mi novinky...:-0
>
> Ktera rada amavisu se takto v Milter rozhranni chova? Ja osobne
> pouzivam amavis-ng (ale drive jsem pouzival jak prapuvodni amavis,
> pozdeji amavisd a jeste nasledne amavis-new a pokud to umoznovalo
> Milter, tak jsem ho pouzil), ten vsak mail "prijme" - na klienta
> odesle OK, a teprve v zapeti vyvolava notifikace atd... - aspon jsem
> hluboce presvedcen, ze klient, ktery se snazi poslat via SMTP
> zavirovany mail
> nic jako 550 XYZ o viru neobdrzi a resi si to Amavis via
> send_message(...), kterouzto metodu musi implementovat kazdy MTA
> vcetne Milteru... (juk do AMAVIS/MTA)

Milter API prave to odmitnuti zpravy jeste v SMTP session umoznuje.
Pro jistotu jsem to otestoval a OE pri pokusu o odeslani zpravy s
eicarem zobrazi okynko s chybou (550 5.7.1 Message content rejected)

pouzivame:
sendmail-8.12.8-9.80
amavisd-new-20030616-p6
Mail-SpamAssassin-2.60

a pokud si to chces vyzkouset, muzes ve svem MTA vyrobit zpravu a
poslat ji napriklad na adresu support na proxyplus.net. Jako server
odchozi posty musis pouzit digger.bezdrat.net

Presne si postup rozchozeni uz bohuzel nepamatuju, tusim, ze
implicitni konfigurace amavis/amavis-milter se takto nechova - bylo
nutne ji rict, ze me opravdu zpravy s viry nezajimaji. Cili zrejme:
(uryvek z amavisd.conf)

# Notes:
#   D_REJECT and D_BOUNCE are similar, the difference is in who is
responsible
#            for informing the sender about non-delivery, and how
informative
#            the notification can be (amavisd-new knows more than
MTA);
#   With D_REJECT, MTA may reject original SMTP, or send DSN (delivery
status
#            notification, colloquially called 'bounce') - depending
on MTA;
#            Best suited for sendmail milter, especially for spam.
#   With D_BOUNCE, amavisd-new (not MTA) sends DSN (can better explain
the
#            reason for mail non-delivery, but unable to reject the
original
#            SMTP session). Best suited to reporting viruses, and for
Postfix
#            and other dual-MTA setups, which can't reject original
client SMTP
#            session, as the mail has already been enqueued.

$final_virus_destiny      = D_REJECT;  # (defaults to D_BOUNCE)


D. Toman

Další informace o konferenci Linux