|How does the Postfix plug-in work?|
An example of this type of configuration would be to run the Mail Scanner on port 10025 and the non-filter enabled SMTP on port 10026, as is described in the FILTER_README file in the Postfix distribution.First add this line to main.cf:
content_filter = smtp:[127.0.0.1]:10025This will cause Postfix' default SMTP daemon to pipe all mail to the address 127.0.0.1:10025.
Then add these 3 entries to master.cf:
scan unix - - n - 10 smtpThe first entry specifies that Postfix's master service shall run at most 10 processes simultaneously to pipe the mail from the SMTP daemon to external filter. The second entry makes the master service run at most 10 smtpd processes simultaneously on address localhost:10026 to receive the mail from the filter, and configures it so it does not loop the mail back to the external filter. And the third entry makes the master service run at most 10 instances simultaneously of the Mail Scanner to filter the mail on address localhost:10026 and advises the Mail Scanner that the SMTP daemon it's supposed to relay SMTP connections to is running on address 127.0.0.1:10026.
localhost:10026 inet n - n - 10 smtpd-o content_filter=localhost:10025 inet n n n - 10 spawn
-o mynetworks=127.0.0.0/8user=nobody argv=/usr/local/f-prot/tools/scan-mail.pl -postfix 127.0.0.1:10026
The Mail Scanner will add a header line to your e-mail, "X-Antivirus: Scanned by F-PROT Antivirus (http://www.f-prot.com)"
If F-PROT Antivirus detects an infection in a message or attachment, the Mail Scanner will try to neutralize the threat. If the infection is removed, the Mail Scanner will only defang the message or attachment. If, however, F-PROT Antivirus fails to remove the infection, the message or attachment will be removed, and an appropriate message will be appended to the e-mail. The Mail Scanner will take no action if the attachment is found to be clean. In the case of a runtime error, the Mail Scanner will defang the message. Defanging involves changing the filename extension, and thus removing the danger of a user running the attached file by double-clicking it.
The Mail Scanner can be configured to generate backups of all incoming mail by supplying it with the -backup switch. To generate backups of infected messages only, use the -quarantine switch. This will cause the Mail Scanner to create a directory MMDD/ under /usr/local/f-prot/backup (where MM is a number representing the month, and DD is a number representing the day of the month), and a file underneath there in the format of unix-time.pid. That file will contain the original message before the Mail Scanner scanned it.