Re: postfix, procmail and SELinux - No Go

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Nicolas Mailhot wrote:
Le mercredi 07 juin 2006 à 13:12 -0500, Marc Schwartz (via MN) a écrit :
aul and Dan,

As of this moment, now running in Enforcing Mode, the following are
known to work with Paul's policies and context changes:

  Incoming multiple POP3 account mail via fetchmail is working.
  fetchmail, BTW, runs every 2 mins. from my own crontab file, not the
  system crontab, using ~/.fetchmailrc.

  Outgoing mail via company SMTP server is working

  Mail forwarding off my laptop via procmail/postfix is working

  Clamassassin is working

  Spamassassin is working


I have not yet had any Viagra-like e-mails to be able to test the other
remote servers (ie. pyzor, razor and DCC) to check for function.
Hopefully some with come through today (why can't you get them when you
want them....  ;-).


BTW (did I already wrote this?) it seems strange that on a postfix
+procmail+clamav+sa setup you wouldn't be using amavis, especailly since
it's available in FE

Nicolas,

No, you had not queried me on that previously.

When I set this approach up two or three years ago, I was looking for something relatively easy to maintain, that was targeted to a relatively low volume, single user system. I became aware of ClamAssassin via the ClamAV third party apps web page and subsequent Google searches.

My readings of amavisd-new suggested that it was targeted more for multi-user mail server configurations, given the more complex processing options and reporting. Kind of along the lines of some of the other mail::scanner classes of applications.

This was quick and easy to configure using procmail, including enabling subject and header re-writes for SA and ClamAV. The remote spam tests via SA were quick and easy to install and (prior to SA 3.1 as you first noted) no other configuration modifications were required.

Most importantly, it has been effective at dramatically reducing my manual handling of spam.

The occasional 'infected' e-mail that I still get is picked up quickly and deleted using a filter in Evo based upon the X-Virus-Status tag. I could set up the procmail recipe to send them to /dev/null, but I like to keep track of them to have a sense of frequency. Between my company's server filters and my personal ISP's filters, they are a rarity now.

I appreciate your asking and hope that this clarifies my logic.

Regards,

Marc Schwartz

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux