Overview

File README.qmail of Package amavisd-new

The general idea of using AMAVIS with qmail is to insert amavisd-new into the
processing queue between qmail-smtpd and qmail-queue. This package contains a
modified version of amavisd, which provides a qmqpd-like interface to be accessed
by qmail-qmqpc.

The standard qmail mail processing workflow looks like this:

qmail-smtpd -> qmail-queue -> qmail-send -> qmail-{local,remote}

With amavis, it is modified to look like this:

qmail-smtpd(1) -> qmail-qmqpc -> amavisd ->
 qmail-smtpd(2) -> qmail-queue -> qmail-send -> qmail-{local,remote}

There some important things to note here:

- Relay checks are only possbile for qmail-smtpd(1), because it is the only
  point in the queue where the original incoming IP address is visible.

- amavisd/qmail-qmtpd do not perform relay checks, they will process *all* incoming
  messages. Therefore, amavisd SHOULD be bound to a local-only address (127.0.0.1).

- qmail-smtpd([12]) can actually be the same instance, where cases 1 and 2 are
  distinguished by incoming IP address (127.0.0.1). In that case, mail originating
  from localhost will not be run through amavisd. It is possible, though, to run
  a separate qmail-smtpd instance on a different port number, e. g., that is only
  reachable for amavisd.

- amavisd runs as non-root and must therefore use a port number > 1024. qmail-qmqpc
  will per default always connect to port 628, though. The original HOWTO[1] for using
  amavisd with qmail suggests patching qmail-qmqpc. It is also possible (and IMO
  preferrable), at least on linux, to use DNAT instead, like
   iptables  -t nat -A OUTPUT -d 127.0.0.1 -p tcp --dport 628 -j DNAT --to-destination :10628
  If you're using SuSEfirewall2, you'll also have to delete an automatic rule,
  otherwise the above will be ignored:
   iptables -t raw -D OUTPUT -j NOTRACK -o lo

USE AT YOUR OWN RISK!

[1] http://www.imladris.sk/howto/howto_qmqpqq.html

(C) 2011-2012 Peter Conrad <conrad@quisquis.de>

This file is licensed under the terms of the
GNU General Public License Version 2. A copy of these terms should be
enclosed as "LICENSE" in the package containing this file.
openSUSE Build Service is sponsored by
Places