"Fossies" - the Fresh Open Source Software Archive

Member "amavisd-new-2.11.1/README_FILES/README.courier-old" (25 Apr 2006, 6804 Bytes) of package /linux/misc/amavisd-new-2.11.1.tar.bz2:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file.

    1 How to use amavisd-new with Courier
    2 ***********************************
    3 
    4 by Martin Orr <amavis@martinorr.name>
    5 
    6   WARNING:  This README applies to the older version of the Courier patch
    7   which can be used with versions of Net::Server older than 0.90.
    8   If you have Net::Server 0.90 or later, please see README.courier
    9   and use the newer amavisd-new-courier.patch.
   10 
   11 There are two different ways of using amavisd-new with Courier.  In one of
   12 these, the startup and shutdown of amavisd is controlled by courierfilter and in
   13 the other it is done independently (probably through its own init script):  I
   14 shall refer to these as the courierfilter and the manual startup/shutdown modes.
   15 It is important to note however that even in manual startup/shutdown mode,
   16 amavisd still talks to Courier using the courierfilter protocol.
   17 
   18 COURIERFILTER STARTUP/SHUTDOWN MODE
   19 
   20 This is probably the preferable mode of operation, but it alters the original
   21 amavisd code more deeply.  In this mode amavisd (assuming it is enabled) will be
   22 automatically started and stopped whenever Courier starts and stops, and you can
   23 enable/disable it with
   24 filterctl {start|stop} amavisd
   25 
   26 If this mode is enabled in amavisd.conf, you must not start, restart or stop
   27 amavisd other than through filterctl.
   28 Also it may take up to 10 seconds after stopping courierfilter or using
   29 "filterctl stop amavisd" before amavisd actually stops.  During this time you
   30 cannot start amavisd again: this particularly annoying because it means that
   31 "courierfilter restart" will not work, since it stops courierfilter and then
   32 starts it again immediately (in fact it will appear to work but all messages
   33 will be rejected with 432 Mail filters unavailable).
   34 
   35 MANUAL STARTUP/SHUTDOWN MODE
   36 
   37 In this mode you need to ensure that amavisd starts as soon as possible after
   38 Courier, as mails which arrive after Courier starts but before amavisd will not
   39 be filtered.  (This includes when Courier is restarted.)  However, starting
   40 amavisd before Courier will unfortunately not work.  If you wish to disable
   41 virus checking you must not only stop amavisd but also remove the socket -
   42 Courier will refuse to accept mail while the socket exists but amavisd is not
   43 running.
   44 
   45 CONFIGURATION
   46 
   47 In amavisd.conf:
   48 1. If you are using courierfilter startup/shutdown mode:
   49         Comment out the lines setting $daemon_user, $daemon_group: amavisd will
   50         be started as whatever user Courier runs as (not root) so is unable to
   51         change to another user.
   52     If you are using manual startup/shutdown mode:
   53         Set $daemon_user to whatever value you like.  Set $daemon_group to the
   54         same group Courier runs as (probably courier or daemon) so that Courier
   55         will be able to write to amavisd's socket.
   56 2. Set $forward_method to undef and $notify_method to
   57     'pipe:flags=q argv=/usr/sbin/sendmail -f ${sender} -- ${recipient}'
   58    If you wish to include "local" in your enablefiltering file, or you are using
   59    a version of Courier older than 0.49.0, then you must instead use
   60     'pipe:flags=q argv=perl -e $pid=fork();if($pid==-1){exit(75)}elsif($pid==0){exec(@ARGV)}else{exit(0)} /usr/sbin/sendmail -f ${sender} -- ${recipient}'
   61 3. Set $courierfilter_shutdown to 1 if you are using courierfilter
   62    startup/shutdown mode, 0 if you are using manual startup/shutdown mode.
   63 4. Set $unix_socketname to DIR/amavisd where DIR is the appropriate
   64    courierfilter directory.  You need to decide whether you want a mandatory
   65    filter, in which case all mail passing through your server will be filtered,
   66    or an optional filter, in which case only mail to local users will be
   67    filtered, and your users will have the option of overriding filtering (you
   68    will almost certainly want a mandatory filter).  You should see the
   69    courierfilter manpage for more details, and also for the correct directories
   70    on your system (on mine, they are /var/lib/courier/allfilters for mandatory
   71    filters and /var/lib/courier/filters for optional filters).
   72 5. Replace any existing setting of $interface_policy{'SOCK'} with
   73      $interface_policy{'SOCK'} = 'AM-SOCK';
   74      $policy_bank{'AM-SOCK'} = { protocol => 'COURIER' };
   75 
   76 If you are using manual startup/shutdown mode, in order to allow amavisd to
   77 create its socket you must either start amavisd as root or make the filter
   78 directory group-writable.
   79 
   80 If you are using courierfilter startup/shutdown mode, install amavisd or a link
   81 to it in /usr/lib/courier/filters (or whatever directory is correct on your
   82 system - again, see the courierfilter manpage).  The name of this link must
   83 match the name of the socket in $unix_socketname.
   84 
   85 Make sure that the enablefiltering file exists in your Courier configuration
   86 directory (/etc/courier or equivalent) and contains "esmtp".  If you wish to
   87 include "local", to filter mail sent through the sendmail command, then you must
   88 use the long forking value of $notify_method in step 2 above.
   89 
   90 The patch also places the MTA queue ID into a %Q macro which you can use
   91 in log templates to get the Courier queue ID of the message. This is now
   92 in the default log template.
   93 
   94 RELEASING ITEMS FROM QUARANTINE
   95 
   96 If you wish to be able to release items from quarantine using the AM.PDP
   97 protocol, you must set this to use a TCP port.  Include the following in
   98 amavisd.conf:
   99 $inet_socket_port = 9998;
  100 $interface_policy{'9998'} = 'AM.PDP';
  101 $policy_bank{'AM.PDP'} = {
  102   protocol => 'AM.PDP',
  103   inet_acl => [qw( 127.0.0.1 [::1] )]    # restrict access to these IP addresses
  104 };
  105 
  106 Modify the amavisd-release script to use $socketname = '127.0.0.1:9998'.
  107 
  108 LIMITATIONS
  109 
  110 All the courierfilter protocol allows is to simply accept or reject a message.
  111 In addition it is possible by bypassing the protocol itself to add or remove
  112 recipients (thanks to Gordon Messmer for the original implementation of this in
  113 courier-pythonfilter).
  114 However it cannot modify the headers, rendering amavisd-new/courierfilter of
  115 limited use for spam checking.  If you want spam checking, you should run spamd
  116 separately and pass mail to it either using maildrop or from .courier files.
  117 
  118 In this version of the patch, it is now possible to use D_BOUNCE and D_DISCARD
  119 as message destinies, as well as D_REJECT or D_PASS.  D_REJECT is probably still
  120 a good choice however as the message is rejected in the original SMTP session.
  121 The client MTA receives the response "550 5.7.1 Message content rejected" and it
  122 is the client, not Courier, who is responsible for any DSN.
  123 
  124 =========
  125 See also the PerlStalker's SysAdmin Notes and Tools: Courier+amavisd-new by
  126 Randall B. Smith, http://perlstalker.amigo.net/courier/amavisd-new.phtml
  127 It applies to the 20040701 release since which time the Courier patch has been
  128 completely rewritten.  It still contains much useful information, but must be
  129 read in conjunction with this README.