From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1RY5En-0004VF-DE for garchives@archives.gentoo.org; Wed, 07 Dec 2011 00:19:53 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5971321C0F6; Wed, 7 Dec 2011 00:19:25 +0000 (UTC) Received: from svr-us4.tirtonadi.com (svr-us4.tirtonadi.com [69.65.43.212]) by pigeon.gentoo.org (Postfix) with ESMTP id 462D521C0DF for ; Wed, 7 Dec 2011 00:16:41 +0000 (UTC) Received: from mail-ww0-f53.google.com ([74.125.82.53]) by svr-us4.tirtonadi.com with esmtpsa (TLSv1:RC4-SHA:128) (Exim 4.69) (envelope-from ) id 1RY5Bg-002rYr-LI for gentoo-user@lists.gentoo.org; Wed, 07 Dec 2011 07:16:40 +0700 Received: by wgbds1 with SMTP id ds1so7283243wgb.10 for ; Tue, 06 Dec 2011 16:16:36 -0800 (PST) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Received: by 10.216.86.8 with SMTP id v8mr80363wee.42.1323216996877; Tue, 06 Dec 2011 16:16:36 -0800 (PST) Received: by 10.223.103.70 with HTTP; Tue, 6 Dec 2011 16:16:36 -0800 (PST) Received: by 10.223.103.70 with HTTP; Tue, 6 Dec 2011 16:16:36 -0800 (PST) In-Reply-To: References: <4EDAA89F.3090308@orlitzky.com> <4EDAD845.4010402@orlitzky.com> <4EDD6749.8030301@orlitzky.com> <4EDD9D88.7080407@orlitzky.com> <4EDE4CC1.1000808@orlitzky.com> Date: Wed, 7 Dec 2011 07:16:36 +0700 Message-ID: Subject: Re: [gentoo-user] clamav and spamassassin From: Pandu Poluan To: gentoo-user@lists.gentoo.org Content-Type: multipart/alternative; boundary=0016e6db2dc10f452604b37577a5 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - svr-us4.tirtonadi.com X-AntiAbuse: Original Domain - lists.gentoo.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - poluan.info X-Archives-Salt: a75bf0ee-db85-43ef-bea2-ec34330c7739 X-Archives-Hash: 158eb4bcb87739a68d1397e29409bb6f --0016e6db2dc10f452604b37577a5 Content-Type: text/plain; charset=UTF-8 On Dec 7, 2011 2:22 AM, "Paul Hartman" wrote: > > On Tue, Dec 6, 2011 at 11:11 AM, Michael Orlitzky wrote: > > On 12/06/11 11:32, Grant wrote: > >> > >> Got it. Your explanations are positively lucid. > >> > >> I added this to /etc/postifx/main.cf: > >> > >> postscreen_greet_action = enforce > >> postscreen_pipelining_enable = yes > >> postscreen_pipelining_action = enforce > >> postscreen_non_smtp_command_enable = yes > >> postscreen_non_smtp_command_action = enforce > >> postscreen_bare_newline_enable = yes > >> postscreen_bare_newline_action = enforce > >> > >> and I commented this and restarted postfix: > >> > >> #check_policy_service inet:127.0.0.1:10030 > >> > >> Should this effectively disable postgrey and enable postscreen? > >> > > > > That will disable postgrey, but isn't enough to enable postscreen. There > > are a couple of daemons you have to enable in master.cf (steps 2 through 6): > > > > http://www.postfix.org/POSTSCREEN_README.html#enable > > > > That README refers to lines that are commented-out in master.cf; of > > course, if you've upgraded from an earlier of postfix, you won't have them. > > > > What I did was to untar the latest postfix release under my home > > directory, and find the master.cf that ships with it. Then, I > > copy/pasted the lines mentioned in the README over to my real master.cf. > > > > After a restart, you should see lines like this in your mail log: > > > > Dec 6 03:13:46 mx1 postfix/postscreen[2810]: CONNECT from ... > > > > that let you know its' working. > > Thanks for bringing up postscreen and the rest of your responses to > Grant in this thread, I wasn't aware of it either. None of the HOWTOs > I read ever mentioned it. :) I'm going to give it a try and see how it > goes. > Indeed. They are also unclear on how to configure SASL (but that's a different story). Luckily, I'm building my mailfiltering gateway from scratch, and have been logging everything I do. When everything's finished and the mfgw works well, I'll distill my log into yet-another-wiki-article. Rgds, --0016e6db2dc10f452604b37577a5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable


On Dec 7, 2011 2:22 AM, "Paul Hartman" <paul.hartman+gentoo@gmail.com> wrote: >
> On Tue, Dec 6, 2011 at 11:11 AM, Michael Orlitzky <michael@orlitzky.com> wrote:
> > On 12/06/11 11:32, Grant wrote:
> >>
> >> Got it. =C2=A0Your explanations are positively lucid.
> >>
> >> I added this to /etc/postifx/main.= cf:
> >>
> >> postscreen_greet_action =3D enforce
> >> postscreen_pipelining_enable =3D yes
> >> postscreen_pipelining_action =3D enforce
> >> postscreen_non_smtp_command_enable =3D yes
> >> postscreen_non_smtp_command_action =3D enforce
> >> postscreen_bare_newline_enable =3D yes
> >> postscreen_bare_newline_action =3D enforce
> >>
> >> and I commented this and restarted postfix:
> >>
> >> #check_policy_service inet:127.0.0.1:10030
> >>
> >> Should this effectively disable postgrey and enable postscree= n?
> >>
> >
> > That will disable postgrey, but isn't enough to enable postsc= reen. There
> > are a couple of daemons you have to enable in master.cf (steps 2 through 6):
> >
> > =C2=A0http://www.postfix.org/POSTSCREEN_README.html#enable
> >
> > That README refers to lines that are commented-out in master.cf; of
> > course, if you've upgraded from an earlier of postfix, you wo= n't have them.
> >
> > What I did was to untar the latest postfix release under my home<= br> > > directory, and find the master.cf that ships with it. Then, I
> > copy/pasted the lines mentioned in the README over to my real master.cf.
> >
> > After a restart, you should see lines like this in your mail log:=
> >
> > =C2=A0Dec =C2=A06 03:13:46 mx1 postfix/postscreen[2810]: CONNECT = from ...
> >
> > that let you know its' working.
>
> Thanks for bringing up postscreen and the rest of your responses to > Grant in this thread, I wasn't aware of it either. None of the HOW= TOs
> I read ever mentioned it. :) I'm going to give it a try and see ho= w it
> goes.
>

Indeed. They are also unclear on how to configure SASL (but that's a= different story).

Luckily, I'm building my mailfiltering gateway from scratch, and hav= e been logging everything I do. When everything's finished and the mfgw= works well, I'll distill my log into yet-another-wiki-article.

Rgds,

--0016e6db2dc10f452604b37577a5--