1

Topic: local_domains_maps in amavisd-new

==== Required information ====
- iRedMail version: 0.8.1
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.3
- Related log if you're reporting an issue:
====

When adding a new domain, is it not necessary to add the domain name to local_domains_maps in amavisd-new?

According to amavisd.conf, only the domain specified during installation is listed in local_domains_maps.

@local_domains_maps = ( [".$mydomain","domain.com.br"] );  # list of all local domains

Regards,

Ari


2

Re: local_domains_maps in amavisd-new

ariarantes wrote:

When adding a new domain, is it not necessary to add the domain name to local_domains_maps in amavisd-new?

It's better to list all hosted mail domains in local_domains_maps, so that Amavisd will insert mail headers for them if necessary.

3

Re: local_domains_maps in amavisd-new

Without the domain in local_domains_maps, SpamAssassin is not working. The panel does not insert the domain into this variable.

4

Re: local_domains_maps in amavisd-new

ariarantes wrote:

The panel does not insert the domain into this variable.

Sorry, iRedAdmin-Pro won't modify files on the file system. That's why the new domain name was not inserted.

5

Re: local_domains_maps in amavisd-new

Does antispam work without the domain in this variable?

6

Re: local_domains_maps in amavisd-new

Yes.

7

Re: local_domains_maps in amavisd-new

Only the header is not inserted when the domain is not in local_domains_maps?

8

Re: local_domains_maps in amavisd-new

Yes.

9

Re: local_domains_maps in amavisd-new

Is it possible to query the local_domains_maps from SQL?

10

Re: local_domains_maps in amavisd-new

Yes. But unfortunately, I forget how to achieve this. Sorry.
It's mentioned in this forum, you can try searching with Google. Or search the Amavisd-new mailing list.

11 (edited by ariarantes 2012-08-17 05:00:42)

Re: local_domains_maps in amavisd-new

I've tested without the domain in local_domains_maps and the maillog shows the hit 8.292, but the mail filter does not work. The message is not tagged as spam.

Aug 16 17:53:33 pardal amavis[3676]: (03676-01) Passed SPAM, LOCAL [209.85.214.50] [209.85.214.50] <userx@gmail.com> -> <contato@domain.com.br>, quarantine: pLzeT0M3mIyC, Message-ID: <CAAuE8BS5OsnSxU8OjZLXEC2EY0SOvf_MXxaVrz9R9TXX_JKqfw@mail.gmail.com>, mail_id: pLzeT0M3mIyC, Hits: 8.292, size: 2493, queued_as: 1AD1B8162A, dkim_id=@gmail.com, 577 ms

With the domain in local_domains_maps, it works OK! The message is moved to the Junk folder and *** SPAM *** is concatenated to the subject.


Regards,

Ari

12

Re: local_domains_maps in amavisd-new

Oops, then it's my mistake. Sorry about my misunderstanding.

"hit 8.292" means Amavisd invokes SpamAssassin for content-based spam scanning. It just does not insert mail headers.

13 (edited by ariarantes 2012-08-18 00:57:00)

Re: local_domains_maps in amavisd-new

ZhangHuangbin wrote:

Oops, then it's my mistake. Sorry about my misunderstanding.

"hit 8.292" means Amavisd invokes SpamAssassin for content-based spam scanning. It just does not insert mail headers.

You are right, Amavisd invokes SpamAssassin and the hit 8.292 was done... But without the domain in local_domains_maps, the subject of the message is not tagged and the message is not moved to the Junk folder; it's simply delivered as a normal message. Is this right???

Just put the domain in local_domains_maps and the message is tagged (subject *** SPAM ***) and it is moved to the Junk folder. So iRedMailPro needs to put every new domain in local_domains_maps.
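
The symptom described in the posts above (mail scored by SpamAssassin, logged as "Passed SPAM", but delivered untagged) can be audited from the mail log. The following is an added example, not code from the thread or from iRedMail; the domain list file (one hosted domain per line) and the sample log lines are assumptions constructed for illustration, and matching is exact (no subdomain matching):

```shell
#!/bin/sh
# Added example: list recipient domains that got "Passed SPAM" but are
# missing from the local-domains list, i.e. likely untagged deliveries.
# $1 = file of local domains, one per line (assumed); $2 = maillog to scan.
untagged_spam_domains() {
    awk -v list="$1" '
        BEGIN { while ((getline d < list) > 0) hosted[tolower(d)] = 1 }
        /amavis\[[0-9]+\]: .*Passed SPAM/ {
            i = index($0, " -> ")
            if (i == 0) next
            rest = substr($0, i + 4)      # "<a@x>,<b@y>, quarantine: ..."
            sub(/, .*/, "", rest)         # keep the recipient list only
            n = split(rest, rcpt, ",")
            for (k = 1; k <= n; k++) {
                dom = tolower(rcpt[k])
                sub(/^.*@/, "", dom)      # drop "<user@"
                sub(/>.*$/, "", dom)      # drop trailing ">"
                if (dom != "" && !(dom in hosted)) miss[dom]++
            }
        }
        END { for (d in miss) print miss[d], d }
    ' "$2" | sort -k2
}

# Constructed sample data, modelled on the log line quoted in the thread.
demo() {
    dir=$(mktemp -d) || return 1
    printf 'domain.com.br\n' > "$dir/domains"
    cat > "$dir/maillog" <<'EOF'
Aug 16 17:53:33 pardal amavis[3676]: (03676-01) Passed SPAM, LOCAL [192.0.2.10] [192.0.2.10] <a@example.org> -> <contato@newdomain.example>, quarantine: q1, Hits: 8.292
Aug 16 17:54:01 pardal amavis[3676]: (03676-02) Passed SPAM, LOCAL [192.0.2.10] [192.0.2.10] <a@example.org> -> <x@domain.com.br>,<y@NewDomain.example>, quarantine: q2, Hits: 9.1
Aug 16 17:55:12 pardal amavis[3677]: (03677-01) Passed CLEAN, LOCAL [192.0.2.11] [192.0.2.11] <b@example.org> -> <z@other.example>, Hits: 0.1
EOF
    untagged_spam_domains "$dir/domains" "$dir/maillog"
    rm -rf "$dir"
}

# Real use: script <domain-list> <maillog>
if [ $# -eq 2 ]; then untagged_spam_domains "$1" "$2"; fi
```

Each output line is a count followed by a recipient domain; a hosted domain appearing here is one that still needs to be added to local_domains_maps.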

14

Re: local_domains_maps in amavisd-new

Looks like we have to:

- Create a cron job to dump all hosted mail domain names in a plain text file. e.g. /etc/postfix/all_hosted_mail_domains. Correct format is one mail domain name per line. For example:

domain1.com
domain2.com
...

- Modify amavisd.conf to read all local domains from /etc/postfix/all_hosted_mail_domains:

@local_domains_maps=read_hash("/etc/postfix/all_hosted_mail_domains");
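
One way to write the cron job described in this post, as an added example that is not part of the original post or of iRedMail. It assumes the MySQL backend with database "vmail" and table "domain" (the names used in the SQL quoted later in this thread); the option file /root/.my.cnf-vmail holding the credentials is hypothetical:

```shell
#!/bin/sh
# Added example: rebuild the file that amavisd loads with read_hash().
# Assumed: database "vmail", table "domain"; /root/.my.cnf-vmail is a
# hypothetical MySQL client option file containing the credentials.
OUT=/etc/postfix/all_hosted_mail_domains

# Reads candidate names on stdin, keeps valid lower-cased domain names and
# atomically replaces file $1. Prints "changed" or "unchanged"; returns 1
# without touching $1 if nothing valid was read (e.g. the query failed), so
# a database outage cannot empty the list and switch off tagging everywhere.
write_domain_list() {
    target=$1
    tmp=$(mktemp "${target}.XXXXXX") || return 1
    tr '[:upper:]' '[:lower:]' |
        grep -E '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$' |
        sort -u > "$tmp"
    if [ ! -s "$tmp" ]; then
        rm -f "$tmp"
        echo "no valid domains read; keeping existing $target" >&2
        return 1
    fi
    chmod 644 "$tmp"                  # mktemp creates 0600; amavisd must read it
    if [ -f "$target" ] && cmp -s "$tmp" "$target"; then
        rm -f "$tmp"
        echo unchanged
    else
        mv -f "$tmp" "$target"        # same directory, so the rename is atomic
        echo changed
    fi
}

# Cron entry point: run as "script --cron".
if [ "${1:-}" = "--cron" ]; then
    state=$(mysql --defaults-extra-file=/root/.my.cnf-vmail -N -B vmail \
                  -e 'SELECT domain FROM domain' | write_domain_list "$OUT") || exit 1
    # read_hash() runs when amavisd loads its config, so reload after a change.
    if [ "$state" = changed ]; then amavisd reload; fi
fi
```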

15

Re: local_domains_maps in amavisd-new

ZhangHuangbin wrote:

Looks like we have to:

- Create a cron job to dump all hosted mail domain names in a plain text file. e.g. /etc/postfix/all_hosted_mail_domains. Correct format is one mail domain name per line. For example:

domain1.com
domain2.com
...

- Modify amavisd.conf to read all local domains from /etc/postfix/all_hosted_mail_domains:

@local_domains_maps=read_hash("/etc/postfix/all_hosted_mail_domains");

I found the following workaround:

@local_domains_maps = ['.'];

It seems everything works well and I get all the X-Spam Headers for every domain.

Is this workaround causing other problems (e.g. security) that I did not think about?

16

Re: local_domains_maps in amavisd-new

It should be fine.

17

Re: local_domains_maps in amavisd-new

Is this still relevant? I just rewrote with the . in @local_domains_maps

18 (edited by Unksi 2014-04-04 18:39:00)

Re: local_domains_maps in amavisd-new

Using . at @local_domains_maps does not work if you filter all spam sent from local domains. This is because Amavisd will not be able to distinguish local and remote domains from each other, and will consider everything to be local.

Edit: The following seems to help:

#@local_domains_maps = ( [".$mydomain","mail.mydomain.de"] );  # list of all local domains
$sql_select_policy = 'SELECT "Y" AS local FROM domain WHERE CONCAT("@", domain) IN (%k)';

@lookup_sql_dsn = ( ['DBI:mysql:database=vmail;host=127.0.0.1;port=3306', 'vmail', 'your password comes here'] );

Source: http://spamassassin13.rssing.com/chan-1 … ll_p1.html

19

Re: local_domains_maps in amavisd-new

If you enable @lookup_sql_dsn, Amavisd will query additional SQL tables which do not exist in the "vmail" database.

20 (edited by bmackay 2014-06-02 20:24:58)

Re: local_domains_maps in amavisd-new

The new default setting for iRedMail amavisd is

@local_domains_maps = 1

This seems to be a short circuit in Amavisd.   Everything is forced local.

This generates a huge amount of administrative mail when inbound spam is detected for domains where transport is set to smtp:[xx.xx.xx.xx]:25

Mail logs are showing disinformation with all traffic identified as {RelayedInternal}, MYUSERS LOCAL

Jun  2 07:15:56 mail1 amavis[26701]: (26701-12) Passed CLEAN {RelayedInternal}, MYUSERS LOCAL [209.85.192.180]:48958 [121.206.104.147] <hisaddress@iredmail.org> -> <myaddress@mydomain.net>, Queue-ID: ABE40C7, Message-ID: <AB1E39B2-082F-4CA7-BF64-6355C44F677D@iredmail.org>, mail_id: wx_oAhNaCChH, Hits: -5.23, size: 3721, queued_as: 985612E4F, dkim_sd=dkim:iredmail.org, 10714 ms

I wonder if this is why iRedAdminPro shows remote users in the dashboard top senders list.  I'm more interested in knowing who the actual top users are that are generating outbound mail than to see how much inbound traffic we get from Facebook or Twitter. 

At any rate, a more elegant solution for local_domains_maps is needed.

21

Re: local_domains_maps in amavisd-new

bmackay wrote:

Mail logs are showing disinformation with all traffic identified as {RelayedInternal}, MYUSERS LOCAL

Is this an issue for you? Why?

bmackay wrote:

I wonder if this is why iRedAdminPro shows remote users in the dashboard top senders list.

No.

bmackay wrote:

At any rate, a more elegant solution for local_domains_maps is needed.

You can manually list all virtual mail domains in '@local_domains_maps'.

22

Re: local_domains_maps in amavisd-new

I was able to accomplish what I need by setting

@local_domains_maps = ();

Since I don't have any domains that I process outbound mail for without corresponding users in LDAP, I don't need to explicitly list any domains. Since I don't have any users listed in LDAP that aren't considered local users (at least in that branch of my LDAP directory) I don't have to worry about exceptions and setting amavisLocal on users.

I had just assumed that all domains had to be listed for this to work.   I was wrong and suspect others have made the same assumption.

LDAP implicitly prepends the lookup for a user to local_domains_maps.  Hence my list is empty and I just deal with each user case by case as they send mail.   LDAP does this lookup anyway so there is no additional overhead associated with this approach.

So far as the outcome of this change?

Inbound mail is no longer flagged MYUSERS.  Outbound mail is properly marked.

This handles a constantly changing list of 50+ domains without having to mess with stable config files.  I'm also able to use the MYUSERS policy bank as intended - just on locally generated outbound mail.

So far as the logs go, I like them to reflect reality.   I often exchange log information with other sysadmins when having to troubleshoot mail pathing issues.  If my logs are wonky the finger is automatically pointed my direction and I waste time having to explain anomalies.

I'm still checking total server behavior, but it seems this fix does what I need.   I do want to scan outbound mail for spam so need to confirm that is enabled and working.   Locally originating messages are now flagged correctly outbound. 

Passed CLEAN {RelayedOutbound}, MYUSERS

Spam filtering on relayed mail no longer shows as MYUSERS.  Currently appearing in logs as

Blocked SPAM {DiscardedOutbound}

Normal inbound mail is being scanned and logged as

Passed CLEAN {RelayedInternal}

23

Re: local_domains_maps in amavisd-new

Just confirming that everything seems to be working as intended with regard to outbound spam detection.  Sending an outbound message with the GTUBE string embedded generated an admin email which included the following scores.  It scored inbound mail on port 587 with -10 since it originated from a trusted source, then slammed it +1000 for GTUBE.

Content analysis details:   (990.0 points, 5.0 required)

 pts rule name              description
---- ---------------------- --------------------------------------------------
 -10 ALL_TRUSTED            Passed through trusted hosts only via SMTP
1000 GTUBE                  BODY: Generic Test for Unsolicited Bulk Email
 0.0 HTML_MESSAGE           BODY: HTML included in message
 0.0 TVD_SPACE_RATIO        TVD_SPACE_RATIO

Mail log shows

Blocked SPAM {DiscardedOutbound}, MYUSERS LOCAL

I'm quite happy with the end result.  Perhaps this was too obvious for others to post.  I've been struggling with it and was too stubborn to give in and just statically list the local domains and their aliases.