Am 23.09.2011 15:13, schrieb Stan Hoeppner:
On 9/22/2011 9:42 AM, Robert Schetterer wrote:
why not simply use clamav-milter with sanesecurity sigs ( works like charme here ) so the stuff dont pass ever in mailboxes, if you dont like reject , then hold for manual human admin interaction
Seems to me this could be done pretty easily with a PCRE/regexp body filter in Postfix, assuming the credentials follow a strict pattern. Apply it to the submission daemon stream and redirect the mail with a filter action to an admin mailbox. I've not written such a thing myself but it seems it would be pretty straightforward.
why that difficult clamav-milter is able to hold mail, simply configure some monitor script alarming admin when x number mail are in the hold queue so he may delete or unhold it after inspection, i do monitoring i.e. with bb-clone xymon anyway monitoring postfix queues is always nice to have
from clamav-milter.conf
ACTIONS The following group of options controls the delievery process under different circumstances. The following actions are available: - Accept: The message is accepted for delievery - Reject: Immediately refuse delievery (a 5xx error is returned to the peer) - Defer: Return a temporary failure message (4xx) to the peer - Blackhole (not available for OnFail): Like Accept but the message is sent to oblivion - Quarantine (not available for OnFail): Like Accept but message is quarantined instead of being delivered. NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ. For Postfix this causes the message to be placed on hold.
-- Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria