NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2004-03

Different filters for different users

From: Eduardo Kienetz (eduardo.kienetzsagra.inf.br)
Date: Mon Mar 01 2004 - 08:58:59 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello everybody.

I need to have two users to use one type of filter (which does not call ANOMY
sanitizer - so doesn't remove attachments) while all others use another one (to
remove attachments).
Right now I have incoming and outgoing mail being scanned for virus (using amavis),
but only outgoing mail gets attachments removed (xls,dwg, etc that company doesn't
want to have going out).
The problem is that two users need to be out of that removal policy.
Here's is how I have it today (cut just the important part):
master.cf:
192.0.0.254:smtp inet n - n - - smtpd -o
content_filter=filter:
127.0.0.1:smtp inet n - n - - smtpd -o
content_filter=filter:
valid.ip.address.internet:smtp inet n - n - -
smtpd
....
# Antivirus
vscan unix - n n - 3 pipe user=vscan
argv=/usr/sbin/amavis ${sender} ${recipient}
localhost:10025 inet n - n - 3 smtpd -o
content_filter=
relay unix - - n - - smtp
proxymap unix - - n - - proxymap
filter unix - n n - 30 pipe user=filter
argv=/usr/local/bin/spamfilter.sh -f ${sender} ${{recipient}

I have tried using access with this (done postmap access after this, sure):
usernottoremoveattachments FILTER vscan:dummy

Setting on main.cf: smtpd_sender_restrictions = hash:/etc/postfix/access

Here's what I got while testing:

Mar 1 10:36:04 thewall postfix/smtpd[6566]: A332C80: filter: RCPT from
unknown[192.0.0.110]:
<usernottoremoveattachmentsdomain.com.br>: Sender address triggers
FILTER filter:vscan; from=<usernottoremoveattachmentsdomain.com.br>
to=<eduardo.kienetzsagra.inf.br>
proto=SMTP helo=<engenharia1>

It gives an error to the user.

I've thought of setting up:
192.0.0.110:smtp inet n - n - - smtpd -o
content_filter=doesnotremove:

As we can see 192.0.0.110 is the client IP address. Would that work so I don't need
to use access file?

Thanks in advance,

--
Eduardo Bacchi Kienetz
Analista de Suporte Sênior
Sagra - Soluções Positivas
www.sagra.inf.br
==========

As informações existentes nessa mensagem e nos arquivos anexados são para uso
restrito, sendo seu sigilo protegido por lei. Caso não seja destinatário, saiba que
leitura, divulgação ou cópia são extremamente proibidas. Favor apagar as informações
e notificar o remetente. O uso impróprio será tratado conforme as normas da empresa
e a legislação em vigor.

The information mentioned in this message and in the archives attached are of
restricted use, and its privacy is protected by law. If you are not the addressee,
be aware that reading, disclosure and copy are strictly forbidden. Please delete
this information and notify the sender. Inappropriate use will be tracted according
to company's rules and valid laws.

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]