Bypass banned content check from localhost , and bypass incoming badh problem

weber at weber at
Tue Feb 5 22:44:18 CET 2013

Am 2013-01-28 08:21, schrieb Patrick Ben Koetter:
> * weber at <weber at>:
>> >You have a Postfix smtpd server listening on 10026 AND you tell 
>> amavis to
>> >listen on 10026 too? I doubt this will work. Did you tell amavis to 
>> bind to
>> >port 10026?
>> No, not all. I have :
>> /etc/amavisd.conf =
>> $inet_socket_port = 10024;
> That's part of your problem.
> By default all traffic, regardless where it comes from (external, 
> internal)
> and goes to (external, internal) is handled by the same amavis
> filtering policy.
> You want to treat some senders different. ATM you want to identify 
> them by
> their sender address (which is not a good method, because it can be 
> faked
> easily. But that's something we may address later).
> So you need to create a special context within that amavis will apply
> different filtering rules.
> The way to create special contexts in amavis is to define
> policy_banks. Within
> a policy bank you may apply special, non-default settings; default 
> settings
> from amavis default context will remain unchanged.
> You've created a policy_bank and called it ORIGINATING.
> Then you told amavis to route all traffic, that enters amavis on port
> 10026 to
> its ORIGINATING policy bank.
> So far so good. So what is missing at the moment?
> You haven't told amavis yet to _listen_ on port 10026. A 
> configuration that
> tells amavis to listen on 10024 AND 10026 goes like this:
> $inet_socket_port = [10024,10026];

from an mail before:
i have this in my <<<>>> inet n  -       n       -       -       smtpd
         -o content_filter=
         -o local_header_rewrite_clients=
         -o local_recipient_maps=
         -o mynetworks=
         -o mynetworks_style=host
         -o relay_recipient_maps=
         -o smtp_send_xforward_command=yes
         -o smtpd_authorized_xforward_hosts=
         -o smtpd_client_connection_count_limit=0
         -o smtpd_client_connection_rate_limit=0
         -o smtpd_client_restrictions=permit_mynetworks,reject
         -o smtpd_data_restrictions=reject_unauth_pipelining
         -o smtpd_delay_reject=no
         -o smtpd_end_of_data_restrictions=
         -o smtpd_error_sleep_time=0
         -o smtpd_hard_error_limit=1000
         -o smtpd_helo_restrictions=
         -o smtpd_recipient_restrictions=permit_mynetworks,reject
         -o smtpd_restriction_classes=
         -o smtpd_sender_restrictions=
         -o smtpd_soft_error_limit=1001
         -o strict_rfc821_envelopes=yes

and this in the amavid.conf:

$notify_method  = 'smtp:[]:10026';
$forward_method = 'smtp:[]:10025';

so when i do like u suggested:

$inet_socket_port = [10024,10026];

i get in logs :

Feb  5 21:57:53 mail amavis[15917]: starting. /usr/sbin/amavisd at amavisd-new-2.7.2 (20120629), Unicode aware, 
Feb  5 21:57:53 mail amavis[15918]: (!)Net::Server: 2013/02/05-21:57:53 
Can't connect to TCP port 10026 on [Address already in use]\n  
at line 67 in file 

cause postfix already listens on 10026.

do i just have to follow your link that my own domain on sending is 
skipped checking for banned content?
or do i have to change the



> Use 'lsof -Pni | grep amavis' after you reloaded amavis to verify it 
> listens
> on both ports.
> Once you have this set up, amavis will be ready to apply different 
> filtering
> rules.
> Now if you use Postfix to feed amavis with messages, you need to tell 
> Postfix
> to route messages for specific senders to port 10026. This link
> should explain
> how to do it:
> <>
> p at rick

More information about the amavis-users mailing list