Per Jessen said the following on 08/30/2011 03:03 PM:
[snips...]
The "BUT" is the big one. People are recommending 'sieve'. OK, but HOW?
sieve scripts are located in your users home directory - for dovecot, the default script is ".dovecot.sieve".
I got that from the docco ...:-)
There is some fairly good reference/example stuff for sieve "out there".
Yes, I know, I've googled and followed links for the best part of day on this already and ...
The stuff I see on the net assumes mail is coming in via SMTP into Postfix whihc has - or maybe not - a like to spamd and then loops abck to the dovecot LDA and somehow .... somehow ... somehow ... to the sieve. But the sieve examples I see aren't as flexible as Procmail.
Please read that again. Please also go back though this thread and look at other exchanges about K.I.S.S and not making use of Postfix when running fetchmail
sieve is invoked by dovecot as part of delivery. For instance, here's a bit of my dovecot.conf:
protocol lmtp { mail_plugins = sieve quota }
And how is that relevant ? I see what it does but how is it relevant to what I'm faced with? Quotas aren't a problem for me. I can throw another 1T at my mail store if I want. Its MY mail store.
I don't know procmail very well, so regarding how it compares to sieve, well, you tell us when you're done converting :-)
HAHAHAHA!
Ah, right, 'sieve'. But wasn't that replacing procmail?
Yup.
My current procmail does whitelisting and delivery (for example of this list), blacklist, handling of known spam - BEFORE passing to SpamAssassin.
I'm not sure you'll be able to run spamassassin as part of a sieve script.
Then what use is it to me?
I would recommend running that under the control of postfix,
So I now do fetchmail from @antonaylward.com which is off site and push that into Postfix which promptly delivers it back to my off site address.. WTF! My home site is distinct from the domains I own (and those are implemented at various ISP). No doubt other people are in this situation. My cable provider will not let me run a 'server', be it SMTP or HTTP. and they run scans. So all my mail is delivered off site. That includes the mailboxes at my cable provider's address. Which is why I use fetchmail. And to be able to test, I need to be able to send from home to those addresses, so Postfix doesn't see them as local delivery. The whole point of this is to NOT involve Postfix! Mail does not come in. The is no "port 25 incoming". Mail is fetched. Postfix is not currently in the loop for that. Postfix on the mail hub is there for convenience when I'm not using TB. TB can send mail without Postfix.
maybe with amavisd. A while ago, I wrote an article about a postfix-fetchmail-spamassassin config:
Yes I saw that when googling. A good example of what I'm trying to avoid.
Then if its over the threshold for spam it goes into various buckets. The algorithm isn't perfect, some marginal stuff shouldn't be there, and sometimes a reasonable post gets a large score for whatever reason.
Procmail handles all this gracefully and without the odd syntax that sieve has.
procmail just uses it's own odd syntax :-) Sure, sieve is different, but you'll get used to it.
All syntax is odd to someone; try learning Chinese as an English speaker. Or vice versa.
Leaving out running spamassassin, what else do you do with procmail?
I thought I'd covered that more than once on this thread. Whitelisted, blacklisted, dealt with incorrectly formed headers, archaic addresses, lists that won't unsubscribe and delivery to list mailboxes. You'd be amazed how many list use the "[listname]" format on the subject line, which with a pattern match makes delivery to the right box easy. :-)
Your whitelisting probably isn't necessary, so leave that out too.
I disagree.
Having to run everything through spamassassin will be a performance pig!
Not at all. You won't notice it on any halfway modern machine. I have a test system running SA on 400MHz PII - a bit slow, but works fine.
My mail hub is about the same and I've experimented. Running spamassassin on lists that I want to accept and file is a waste of time and, yes, I've measured it, it does slow delivery down. More to the point, some of the things I whitelist are whitelisted because spamassassin marked them as spam in the past. The contents of this list included! Whitelisting and blacklisting make a lot of sense for me. YMMV. -- As security or firewall administrators, we've got basically the same concerns [as plumbers]: the size of the pipe, the contents of the pipe, making sure the correct traffic is in the correct pipes, and keeping the pipes from splitting and leaking all over the place. Of course, like plumbers, when the pipes do leak, we're the ones responsible for cleaning up the mess, and we're the ones who come up smelling awful... -- Marcus J. Ranum -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org