|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Adam Jacob Muller (lists-postfix
adam.gs)
Date: Sat Apr 21 2007 - 06:56:22 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Apr 21, 2007, at 5:05 AM, mouss wrote:
> Adam Jacob Muller wrote:
>>
>> On Apr 20, 2007, at 3:32 PM, Wietse Venema wrote:
>>
>>> Noel Jones:
>>>> At 12:33 PM 4/20/2007, Wietse Venema wrote:
>>>>> katsumi liquer:
>>>>>> Hello list,
>>>>>>
>>>>>> First, I apologize if this question has been asked already or
>>>>>> is in
>>>>>> the faq -- I have looked for an answer but not found one --
>>>>>> basically,
>>>>>> I have spent some time configuring postfix so that it has a
>>>>>> chain of
>>>>>> two content filters in order to accommodate DSPAM, but also some
>>>>>> procmail filtering. Everything works fine, but in the even
>>>>>> that one of
>>>>>> the filters is un-available for whatever reason (crashed, etc)
>>>>>> then
>>>>>> postfix defers the message from processing. Is their a setting
>>>>>> somewhere in postfix that, in the event of a content filter being
>>>>>> unavailable , it can skip it or divert to a fall-back filter?
>>>>>
>>>>> Skipping content filters requires an explicit action.
>>>>>
>>>>> - "postconf -e content_filter=",
>>>>>
>>>>> - "postfix reload",
>>>>>
>>>>> - "postsuper -r incoming,active,deferred", and
>>>>>
>>>>> - "postkick public qmgr IA".
>>>>>
>>>>> They can be exercised by a baby sitter program that YOU provide.
>>>>> A problem is detected by watching the log, the size of the queue,
>>>>> or the delays for "heart beat" test messages to go through
>>>>> Postfix.
>>>>>
>>>>> Wietse
>>>>
>>>> It seems that at one time I was able to add
>>>> -o fallback_relay=[127.0.0.1]:10025
>>>> to the content filter smtp injector to reroute mail when the
>>>> content
>>>> filter stopped.
>>>> Does this no longer work?
>>>
>>> Yikes. That should work. But it will be slow, because every
>>> delivery first has to time out on the non-responding filter.
>>>
>>> Wietse
>>
>>
>> While I feel I may get flamed for this idea....
>>
>> bind your content filter to <YOUR_IP>:<YOUR_PORT>
>>
>> Setup main.cf in postfix to bind to *:<THAT_SAME_PORT>
>
> The filter may be unavailable, without "freeing" the port. here is
> an example
> bind (...)
> ...
> while (1) { sleep(2); }
>
>>
>> This, of course, assumes your content filter releases the bind on
>> YOUR_IP:YOUR_PORT, and you probably want to throw up some firewall
>> rules now since your not binding everything internal to the loopback.
>>
>> This is diabolical.
>
> don't play with fire
Well, i said that, perhaps his content filter crashes and does free
the port :)
You know, I love playing with fire, I also don't mind so much the
burns -- they tickle.
-Adam
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]