19 posts / 0 new
Last post
#1 Sun, 07/05/2009 - 19:46
marciano

Amavisd

Hello all,
I wish to install policyd to add user limits using postfix.
In the install process I see that a patch to amavisd has to be performed.
There's no amavis daemon running or installed from install.sh
What do you suggest?
Thank you
PS:
It is also known as cluebringer.
There's a rpm
http://rpm.pbone.net/index.php3/stat/4/idpl/12550924/com/cluebringer-2.0...

Sun, 07/05/2009 - 21:05
andreychek

Yeah, Policyd and Amavis aren't part of the typical Virtualmin stack.

You can accomplish some of that by going into Email Messages -> Email Greylisting, and clicking "Enable Greylisting", which will setup Postgrey.

Outside of that, it's not managed by Virtualmin. You can install it, but you'd be on your own to configure it, which does make things more complex ;-)

-Eric

Mon, 07/06/2009 - 08:46
marciano

What I need is to limit the amount of smtp mails/user. If you know any other way to perform this it will be welcomed!! Thanks M

Mon, 07/06/2009 - 09:12
marciano

....
....
Installing : perl-BerkeleyDB [1/4]
Installing : perl-IO-Multiplex [2/4]
Installing : perl-Net-Server [3/4]
Installing : postgrey [4/4]

Installed: postgrey.noarch 0:1.31-2.el5
Dependency Installed: perl-BerkeleyDB.i386 0:0.34-2.el5.vm perl-IO-Multiplex.noarch 0:1.10-3.el5.vm perl-Net-Server.noarch 0:0.97-6.el5.vm
Complete!
.. install complete.

.. installation failed!

I enabled it again and seems to be fine

Mon, 07/06/2009 - 09:14
andreychek

Howdy,

Are you by chance using the latest Virtualmin?

A few revisions ago, Virtualmin had a bug where the installation of Postgrey would say it failed, but if you manually went in and started it from the command line (/etc/init.d/postgrey start), it would work just fine.

Postgrey won't be able to limit the mail users send though; you can sort of do that using things like Postfix rate delay's:

http://www.postfix.org/postconf.5.html#transport_destination_rate_delay http://www.postfix.org/postconf.5.html#default_destination_rate_delay

The controls there aren't particularly fine-grained, but perhaps it will do the trick.

-Eric

Mon, 07/06/2009 - 09:36
marciano

Hi Eric, I've installed Virtualmin last week.
We have posted at the same time, I've added that a second time of "enable postgrey" and seems to work.
Cluebringer Policyd seems to have the ability to limit amount of sending mail.
I really don't need such tool postgrey. I don't have a high mail traffic.
But you know, someone gets a user's password and it becomes a mess: blacklists, blocking IP, etc.-
Last time I had hotmail blocking my IP for three weeks, just because an absentminded user.
I am not sure if rate delay will fit my needs. Maybe I would need some extra help.
Thanks

Mon, 07/06/2009 - 09:44
marciano

I don't have the amavisd after postgrey inst.

Mon, 07/06/2009 - 10:28
ronald
ronald's picture

What I need is to limit the amount of smtp mails/user. Webmin - Servers - Postfix Mail Server - click on Delivery Rates, thats were to control the limits.

Postgrey is really great as it stops a lot of spam coming into your server.

Mon, 07/06/2009 - 10:47
marciano

Hello Ronald, I cannot set there limits for users like: "You cannot send more than 100 email/hour including multiple recipients TO, CC or BCC"
It seems like it is not possible in Postfix. This is because I am looking to install policyd
Thanks
M

Mon, 07/06/2009 - 11:27
ronald
ronald's picture

the default_process_limit is 100 but you can change that in the master.cf in below line, then reload postfix

# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
. . .
smtp inet n - - - 5 smtpd

Postfix is pretty sensible as it will look what it can send. If its not possible or not feasible, it will then deffer the mails and place it in the queue. There are further controls to handle the defered mail.

http://www.postfix.org/documentation.html

Mon, 07/06/2009 - 11:39
marciano

I'll look into it, thanks.

From maillog I see....
Jul 6 13:30:24 hostname postfix/trivial-rewrite[11248]: warning: do not list domain domain.com in BOTH mydestination and virtual_alias_domains
I haven't change any settings in Postfix itself but those added or restored accounts.
What do you suggest?

Mon, 07/06/2009 - 12:00
ronald
ronald's picture

It is a warning telling you not to list the same thing in 2 locations.

it's like you are waiting for a traffic light to turn green and someone tells you not to drive through red.

Mon, 07/06/2009 - 12:22
marciano

Okay, and how do I tell Postfix it is not necessary it tells me not to go on red light?

Mon, 07/06/2009 - 12:53
ronald
ronald's picture

lol

I really dont know. Can you get yourself to ignore the warning?

Mon, 07/06/2009 - 14:11
marciano

Yes of course. I'll have no reason to get a ticket!

Mon, 07/06/2009 - 17:32
marciano

Back again to the main issue by a different point of view.
Can I set my antispam (default from Virtualmin) to filter outgoing SMTP mails?

I mean: I moved to a new server to minimize intrusions, hijackers, whatever. Updated programs, new security systems, etc.
Most common hijackings are to send spam mail.
I host a few domains whose owners are human beens, they are fallible. Who knows, maybe one writes his user access in a post-it where anyone can see it or maybe other doesn't have enough protection in his computer and someone gets this data from his system.
One thing is to care about intruders, and the other is to have a red cross box just in case.
That's what I am looking for, the red cross box.
If, just only, if some user is sending bulk mail how can I classify and filter spam, same as incoming mail? And also send a warning message to user and admin.

Mon, 07/06/2009 - 17:04
ronald
ronald's picture

I don't think that is possible, but I don't know everything.

What you do to prevent users to send spam from your box is to control the limits. Users can't send more than x number of concurrent mails to certain domains at the same time (like hotmail/gmail/yahoo etc) and can't send more than x number of mails per batch etc.

I assume there should be more about that in the postfix documentation though

Mon, 07/06/2009 - 17:22
andreychek

Yeah, as Ronald said, that's all Postfix configuration and rate limiting stuff.

You'd want to poke through the docs there to get some ideas on how best to implement what you want.

The rate limiting things I mentioned should help you get started -- another place to look is in Webmin -> Servers -> Postfix -> Delivery Rates.

-Eric

Mon, 07/06/2009 - 17:28
marciano

Well, I've edited my previous post at the same time you posted yours!