I'm running a PostFox-Amavis setup, almost like the ones in the tutorials, but without the mysql backend part. We recieve a lot of mail, reject a lot of spam with postfix, scan the rest with amavis en then to the mailbox. Outgoing email from our servers pass throught the postfix, to amavis, and amavis descides it's mail from the local networks and just sends it out. While this is fine for most situations, we provide a service to our clients for sending commercial mailings (not spam but sometimes a lot (40k mails)). Sending one email through the postfix-amavis takes (according to mail.log) 200ms in amavis, so about 5 mails per second. This just doesn't cut it. I would like to change it so that postfix doens't send it to amavis if it is a email originating from the local nets and just sends it out. My master.cf Code: smtp-amavis unix - - y - 4 lmtp -o lmtp_data_done_timeout=1200 -o lmtp_send_xforward_command=yes -o disable_dns_lookups=yes -o max_use=20 127.0.0.1:10025 inet n - y - - smtpd -o content_filter= -o smtpd_restriction_classes= -o smtpd_delay_reject=no -o smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o smtpd_data_restrictions=reject_unauth_pipelining -o smtpd_end_of_data_restrictions= -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o smtpd_client_connection_rate_limit=0 -o smtpd_milters= -o local_header_rewrite_clients= -o local_recipient_maps= -o relay_recipient_maps= -o receive_override_options=no_header_body_checks,no_unknown_recipient_checks ##-o strict_rfc821_envelopes=yes in my amavis.conf Code: ### BYPASS LOCAL EMAILS ## @mynetworks = qw( 127.0.0.0/8 [::1] [FE80::]/10 [FEC0::]/10 192.168.0.11/16 ); $policy_bank{'MYNETS'} = { # mail originating from @mynetworks bypass_spam_checks_maps => [1], # don't spam-check internal mail bypass_banned_checks_maps => [1], # don't banned-check internal mail final_spam_destiny => D_PASS, final_banned_destiny => D_PASS, bypass_virus_checks_maps => [1], bypass_header_checks_maps => [1], final_virus_destiny => D_PASS, }; the ip's in @mynetworks are mirrored in the mynetworks in the postfix main.cf in main.cf i have the following (parts offcourse) Code: smtpd_recipient_restrictions = check_client_access hash:/etc/postfix/helo_client_exceptions check_sender_access hash:/etc/postfix/sender_checks, reject_invalid_hostname, ## Can cause issues with Auth SMTP, so be weary! # reject_non_fqdn_hostname, ################################## reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, # Add RBL exceptions here, when changing rbl_client_exceptions, this file must be regenerated using postmap <file>, to generate a Berkeley DB check_client_access hash:/etc/postfix/rbl_client_exceptions, reject_rbl_client cbl.abuseat.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rhsbl_sender dsn.rfc-ignorant.org, # check_policy_service inet:127.0.0.1:60000 ## permit can anyone help or point me to a tutorial/manual on how to implement this sollution. ps. i don't want to use an alternative port on the mailserver for outgoing, non-checked emails.
Hi, that post is not an answer for my problem. You describe a way to bypass the checking in amavis itself, but i want to prevent sending the email from postfix to amavis all together. So i would need a config tweak for postfix, and not for postfix. The reason for this is that just sending an email through amavis, even when bypassing all checks (spam and virus) still takes 200 miliseconds.
