On Stardate 6609.08, A Ve said:
Hi !
System: Fedora2, Following Apps installed: spamassassin-2.63-8, postfix-2.1.4-4.fc2.
Postfix 2.1.4 is finally working - after some help from postfix mailinglist and postfix-guru Ralf H and some other helpfull postfix-guys.
But ... spamassassin still not running. I configured it - as suggested in the spamassassin doc:
master.cf before: smtp inet n - n - - smtpd
mater.cf after: smtp inet n - n - - smtpd -o content_filter=spamassassin
spamassassin unix - n n - - pipe user=test argv=/usr/bin/spamc -f -e /usr/sbin/sendmail -oi -f ${sender}
${recipient}
My requirements are a little different than yours, so I call SA a little differently than what you have configured above. The main reason is my MTA is also a backup MX for another domain, so I needed the flexibility to _NOT_ call SA on e-mails received in a backup MX mode. Anyway, maybe the following might get you started in the right direction. Then you can fine tune your configuration.
With the above in mind...
In /etc/master.cf
smtp inet n - y - - smtpd
filter unix - n n - 10 pipe flags=Fq user=spamassassin argv=/usr/bin/spamc -f -x -e /usr/sbin/sendmail -i -f $sender $recipient
Note: Don't set the chroot field to *y* until you get things working on the smtpd instance. Then, if necessary, enable the chroot'd environment.
In main.cf, I added a call to check_sender_access and check_recipient_access in smtpd_recipient_restrictions as follows:
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination ... more tests ... check_sender_access hash:/etc/postfix/whitelist_sender check_recipient_access hash:/etc/postfix/filtered_domains
Note: The order in which the tests are listed is critical. SA is called last. In other words, the first matching test wins. So whitelisted senders are not run through SA.
In /etc/postfix/whitelist_sender, I add the envelope sender address (mail from) of list servers that I subscribe to so that SA is *not* run on these e-mails. Virus checking is done on all inbound e-mails on another server. i.e.
# List all list server subscription "mail from" addresses here. fedora-list-bounces@xxxxxxxxxx OK etc...
Then in /etc/postfix/filtered_domains, I add the domain names that I want to have SA called. These are all my registered domains, not the backup MX domains.
# Add only the domain you want to have filtered (run spamassassin) mydomain1.com FILTER filter:spamassassin mydomain2.com FILTER filter:spamassassin
Note: The call to the FILTER action.
See: http://www.postfix.org/access.5.html for info on the FILTER action syntax.
If you want to run SA on *all* e-mails, then you don't need to add the call to check_sender_access, just add the check_recipient_access at the end.
Thats it! Good luck Steve Cowles
