Postfix - in-smtp-session-virus-spam-check vs. bounces

Discussion in 'Installation/Configuration' started by KoS, Oct 27, 2013.

  1. KoS

    KoS Member HowtoForge Supporter


    on my previous mailserver i used qmail and had it configured with clamav and spamassassin to do all the scanning during the SMTP session is open. so that if a virus oder spam message was detected, the SMTP session could be rejected with a 5xx error, instead of generating a bounce message (to a probably forged from-address).

    with postfix and ISPconfig i see that the server accepts the mail and does than the processing and if a virus/spam is found, it sends out a bounce. with todays spam-traffic i see that as a problematic approach, because bounces will be sent to "innocent" users. is there a way to configure postfix (with help of ispconfig) to do the scanning and processing during the smtp-session, like described above?

    thanks for your advice

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig does not send any spam bounces in a default setup. Spam is either deleted without a bounce when its score exceeds spam kill level or it is marked as spam in the header and title if the spam level 2 is matched. If your setup sends bounces, then you must have configure that in amavisd.
  3. KoS

    KoS Member HowtoForge Supporter

    thanks, till.

    sorry for my imprecise question:
    - spam/virus mails are, as you write, deleted (or marked). i don't like the way of mails "just being deleted" without a notice, as i don't see that as the right way to go. thats exactly the reason why i would like to reject them during the SMTP session, so that the sender is responsible for generating a message to the user (e.g. if the mail was falsely detected as spam/virus), or discarding it, in case of a spam bot.
    - bounces are generated for non-existing addresses. the mail to a non-existent address (of an existing domain) is accepted by the server and a bounce is sent back to the sender of the address, instead of rejecting the mail at smtp-level.

    the server was configured by the ispconfig debian (mail) guide.

    i suppose this is the expected behaviour of an "ispconfig-server"? is there a way to change that? i mean, i'll check the postfix/amavis, but still i'm not sure what's the impact than on ispconfig, or perhaps there is already a "howto" for that combination?

  4. KoS

    KoS Member HowtoForge Supporter

    so i would like to use the Postfix before-queue content filter feature as described here:

    the setup that i have now, by following the howtoforge guide, is to use "content_filter", but i would like to change to smtpd_proxy_filter.

    i haven't found a guide or any information about issues with ispconfig on that. is everbody just using content_filter ? :-(


Share This Page