[Postfixbuch-users] Ausgehende Mails um amavis herumschleusen?

Ziegler Dominik dominik.ziegler at haw-ingolstadt.de
Mi Mär 21 16:28:13 CET 2012


Hallo liebe Liste,

ich habe eine Frage, leider komme ich mit google und Konsorten nicht mehr weiter. Ich möchte gerne alle internen Netze um Amavis herumschleusen, sodass im Prinzip keine Spamcheck durchgeführt wird. Die Möglichkeit mit der "content_filter" und "policy_banks" Lösung findet man ja zuhauf im Internet. Ich gehe allerdings über den smtpd_proxy_filter. Folgend meine Konfiguration:

postconf -n:

smtpd_banner            = $myhostname ESMTP
biff                    = no
soft_bounce             = no

# appending .domain is the MUA's job.
append_dot_mydomain     = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory        = no

# TLS parameters
smtpd_tls_cert_file                     = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file                      = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls                           = yes
smtpd_tls_session_cache_database        = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database         = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

#-----------------------------------------------------------
# Listening to:
#
inet_interfaces         = all
inet_protocols = ipv4

#-----------------------------------------------------------
# Limits:
#
mailbox_size_limit      = 50000000
message_size_limit      = 50000000
bounce_queue_lifetime   = 3d
maximal_queue_lifetime  = 3d

#-----------------------------------------------------------
# Namen und Netzwerke:
#
myhostname              = mailgate-1.haw-ingolstadt.de
mydomain                = haw-ingolstadt.de
myorigin                = /etc/mailname
mynetworks              = 127.0.0.0/8,
			...
			...

relay_domains           = domain.tld
			...
			...

relayhost               =
mydestination           = $myhostname, localhost.$mydomain, mailgate-1.fh-ingolstadt.de
recipient_delimiter     = +

#-----------------------------------------------------------
# Security:
#
smtpd_sender_restrictions     = reject_non_fqdn_sender
smtpd_recipient_restrictions  = permit_mynetworks,
                                check_client_access cidr:/etc/postfix/access-client,
                                reject_unauth_destination,
                                reject_invalid_hostname,
                                reject_non_fqdn_sender,
                                reject_non_fqdn_recipient,
                                reject_unknown_sender_domain,
                                reject_unknown_recipient_domain,
                                reject_rbl_client zen.spamhaus.org,
                                reject_unverified_recipient,
                                check_policy_service inet:127.0.0.1:10023,

#-----------------------------------------------------------
# Alias:
#
alias_maps      = hash:/etc/aliases
alias_database  = hash:/etc/aliases

#-----------------------------------------------------------
# Transport:
#
transport_maps  = hash:/etc/postfix/transport

#-----------------------------------------------------------
# Misc.:
#
mail_owner      = postfix

#-----------------------------------------------------------
# Benutzer-Verify am Exchange-Server
#
address_verify_map                      = btree:/var/spool/postfix/data/verify
address_verify_negative_expire_time     = 3d
address_verify_negative_refresh_time    = 30m
unverified_recipient_reject_code        = 550

#-----------------------------------------------------------
# Umsetzen von fh-ingolstadt auf haw-ingolstadt
#
canonical_maps = hash:/etc/postfix/canonical



master.cf:

smtp      inet  n       -       -       -       -       smtpd
        -o content_filter=
        -o smtpd_proxy_filter=localhost:10024
localhost:10025      inet  n       -       -       -       -       smtpd
        -o content_filter=
        -o smtpd_proxy_filter=
        -o smtpd_authorized_xforward_hosts=127.0.0.0/8
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o smtpd_data_restrictions=
        -o mynetworks=127.0.0.0/8
        -o receive_override_options=no_unknown_recipient_checks


Ist es überhaupt möglich mit meiner Konfiguration? Stehe irgendwie auf dem Schlauch :). Danke schon mal im Voraus.

Viele Grüße,
D.Ziegler



Mehr Informationen über die Mailingliste Postfixbuch-users