Here are some Postfix Configuration tips/things/stuff
[http://www.thinkdebian.org/archives/652]
Setup
The server is currently configured to use procmail as it's delivery agent, and all further scanning is done as procmail filters. The setup for postfix to do this was easy, just add to /etc/postfix/main.cf:
mailbox_command = /usr/bin/procmail
Now, the default procmailrc (in /etc/procmailrc)
MAILDIR=$HOME/Maildir DEFAULT=$MAILDIR/new LOGFILE=/var/log/procmail DROPPRIVS=yes VERBOSE=yes # If the message is > 512k, don't run it by spamc :0fw: * < 512000 | spamc # If the spam level is 15+, throw i straight to Junk :0: * ^X-Spam-Level: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\* .Junk/ # If the spam flag is set, move it to Spam :0: * ^X-Spam-Flag: Yes .Spam/
These rules are executed in order. The first rule is a "non delivering" rule, and simply runs the message past spamc as long as the message is < 512k. The next two rules match against email headers and file into different boxes: if the score is 15 or over, throw it into Junk right away. If the spam flag is set, throw it into Spam. This keeps the inbox mostly free of spam but allows you to recover false positives.
Possible Improvements
I need to do some more experimenting w/ procmail over the next few days, but I am led to believe that once a delivering rule is encountered delivery is done and that's that; this means that if you want to customize your spam delivery rules, you won't be able to because /etc/procmailrc already does it. I want to make the system flexible, but I also want it to just work for new users, so maybe I should put those rules in /etc/skel/.procmailrc and also create a copy for all of the users on the server?
- Drop mail on RBL Match (reverse blacklist) -- this will save on spamc processing (which typically takes upwards of 5 seconds per message, even on tiny messages)
Encountered Errors (and fixes)
NIS domain name not set
If you're getting this warning in /var/log/mail.warn:
warning: dict_nis_init: NIS domain name not set - NIS lookups disabled
You can fix it by disabling NIS in your postconf. First do postconf |grep nis to see what commands to change. For this server, all we had was:
alias_maps = hash:/etc/aliases, nis:mail.aliases
So issue the command postconf -e alias_maps="hash:/etc/aliases"
/nonexistent/ ... Spamassasin errors
Here's a page that details a few possible solutions to these issues.
http://lists.debian.org/debian-user/2007/01/msg03706.html
I've gone ahead and used his preferred solution, putting the spamassassin bayes stuff in /var/mail/conf/spamassassin/bayes
.