RSS feedTo use DSPAM with our mailserver we will use it as a content filter in Postfix, therefore we need to change the configuration of Postfix to route incoming email to DSPAM.
We define an extra transport in the /etc/postfix/master.cf config file by adding the following lines after the line starting with ’smtp’:
flags=Ru user=_dspam argv=/usr/local/bin/dspam --deliver=innocent --user ${recipient} -i – f $sender -- $recipient
Please make sure that the last line starting with ‘flags’ is all on one line in the config file.
To enable the re-insertion of the email into Postfix for delivery into a users mailbox we need to add the following to the master.cf file:
-o content_filter=
-o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
-o smtpd_helo_restrictions=
-o smtpd_client_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_authorized_xforward_hosts=127.0.0.0/8
Filtering incoming mail only
To only filter incoming mail we need to do some smart thing with the smtpd_recipient_restrictions settings in the /etc/postfix/main.cf. The list is worked down from top to bottom and if one of the options is valid/checks then the restriction checking stops and the mail process continues with the appropriate steps.
To get this to work we need to setup a filter (using PCRE) which passes the incoming email to DSPAM. To enable this we need to create a file called dspam_filter_access in /etc/postfix/ with the following content:
Next we need to convert this into a postfix readable format using the following command:
If everything went correctly there should be a new file called dspam_filter_access.db in /etc/postfix/.
Next we need to edit the postfix configuration file /etc/postfix/main.cf to enable the filter and add some other DSPAM settings. First the smtpd_recipient_restrictions list:
Your original setting would look like:
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
warn_if_reject,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_invalid_hostname,
reject_rbl_client zen.spamhaus.org,
permit
Please change the last line so it would look like:
Please add the following entry at the bottom of the Next step: Starting DSPAM on Leopard
reject_unauth_pipelining,
reject_non_fqdn_recipient,
reject_unknown_recipient_domain,
permit_mynetworks,
permit_sasl_authenticated,
reject_unauth_destination,
warn_if_reject,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_invalid_hostname,
reject_rbl_client zen.spamhaus.org,
check_client_access pcre:/etc/postfix/dspam_filter_access
/etc/postfix/main.cf, to prevent multiple messages to be submitted at the same time:
dspam_destination_recipient_limit = 1
