Disable spamd - all mail in "Inbox"

anivard · March 25, 2021, 6:54am

Hello,

I would like disable spamd, then I want all mails in “Inbox”

The following topics is not working:

cat /etc/default/spampd
[...]
ADDOPTS="–maxsize=0"
maxsize=0

What is the correct option ?

Thank you

daveteu · March 25, 2021, 9:02am

you may be looking at this line located in /etc/postfix/main.cf. (untested)

github.com

mail-in-a-box/mailinabox/blob/7d6c7b66106573881911a9b391f2594846701085/setup/mail-postfix.sh#L219


# * `reject_unlisted_recipient`: Although Postfix will reject mail to unknown recipients, it's nicer to reject such mail ahead of greylisting rather than after.
# * `check_policy_service`: Apply greylisting using postgrey.
#
# Notes: #NODOC
# permit_dnswl_client can pass through mail from whitelisted IP addresses, which would be good to put before greylisting #NODOC
# so these IPs get mail delivered quickly. But when an IP is not listed in the permit_dnswl_client list (i.e. it is not #NODOC
# whitelisted) then postfix does a DEFER_IF_REJECT, which results in all "unknown user" sorts of messages turning into #NODOC
# "450 4.7.1 Client host rejected: Service unavailable". This is a retry code, so the mail doesn't properly bounce. #NODOC
tools/editconf.py /etc/postfix/main.cf \
	smtpd_sender_restrictions="reject_non_fqdn_sender,reject_unknown_sender_domain,reject_authenticated_sender_login_mismatch,reject_rhsbl_sender dbl.spamhaus.org" \
	smtpd_recipient_restrictions=permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient,"check_policy_service inet:127.0.0.1:10023"

# Postfix connects to Postgrey on the 127.0.0.1 interface specifically. Ensure that
# Postgrey listens on the same interface (and not IPv6, for instance).
# A lot of legit mail servers try to resend before 300 seconds.
# As a matter of fact RFC is not strict about retry timer so postfix and
# other MTA have their own intervals. To fix the problem of receiving
# e-mails really latter, delay of greylisting has been set to
# 180 seconds (default is 300 seconds).
tools/editconf.py /etc/default/postgrey \
	POSTGREY_OPTS=\"'--inet=127.0.0.1:10023 --delay=180'\"

Disclaimer: This is untested, and likely get overwritten during updates

openletter · March 25, 2021, 12:37pm

Is your goal truly to disable spamassassin or is it to disable the blacklist checks?

And note that the check_policy_service inet:127.0.0.1:10023 is postgrey, not spamassassin.

I believe disabling spamassassin is something more than just removing a line in main.cf because as I understand it postfix sends the mail to spampd which I believe is what actually delivers the mail to the inbox, but I might be wrong on that:

virtual_transport=lmtp:[127.0.0.1]:10025

It may be better if you share a specific problem or desired output, because usually it is not very desirable to disable spamassassin completely as there are other ways to deal with spamassassin especially in specific use cases.

OTOH, if your goal is only to disable blacklists, which it seems like that is the goal in the linked article, just remove reject_rbl_client zen.spamhaus.org from main.cf.

daveteu · March 25, 2021, 1:10pm

a simple explanation on this line.

This is how postfix allow the email by order.
permit_sasl_authenticated,permit_mynetworks,"reject_rbl_client zen.spamhaus.org",reject_unlisted_recipient,"check_policy_service inet:127.0.0.1:10023"

Allow - Any authenticated users from the box
Allow - Any senders from the same network as stated in mynetworks settings
Reject blacklisted spamhause
Reject Recipients not on this box
And finally check recipient and sender against greylist

Once it passes greylisting ( proper email servers will perform resending, while botnet usually won’t ), the emails will be filtered into either Junk or Inbox by spamassassin.

So it’s a 2 step process. If you want your mailbox to open to junk, u got to first remove "“reject_rbl_client zen.spamhaus.org” (so u don’t get blocked, as stated in initial post), remove greylisting (“check_policy_service inet:127.0.0.1:10023”) and turn off spamassassin and any other spam filters you have.

openletter · March 25, 2021, 1:21pm

How is it you are recommending to “turn off spamassassin”? Also, I’m not clear on why greylisting is to be disabled, as it is not related to spamassassin.

daveteu · March 25, 2021, 2:19pm

Which part of my post recommended anyone to turn off spam? Question was asked, and i was just providing an answer.

@anivard asked how to disable spams, and wants everything in inbox, that is the question isn’t it? He probably wants mails that we do not want, that is his choice.

Spamassassin filters mail, greylisting reject mails, they are totally unrelated service. If mails don’t pass greylisting, they won’t even reach spamassassin, and you don’t see the mail.

this post is not about "how to protect my inbox?"

openletter · March 25, 2021, 2:32pm

You don’t recommend a specific method to “turn off spamassassin” but you state to do it. That is why I asked about how to do it.

The OP did not ask about disabling greylisting, but you include instructions to “remove greylisting”.

It is often the case that there is more than one way to achieve a desired result. Based on how a question is asked (or even when it is asked at all) can be reason to at least inquire as to what the desired goal is, which does not necessarily mean that there is a better or even another path to achieving the goal.

Please allow @anivard to reply to my questions.

This can appear combative and is not helpful to the discussion.

anivard · March 25, 2021, 6:16pm

I think, I need to explain my needs.

Most of the mailbox are used like a POP mail.
A remote system, it’s going to pick-up all the mail in the INBOX.
But 10% of the mail are in the SPAM folder.

I don’t know, if it’s possible to disable SPAM analyze for some accounts.
But I need to disable SPAM process.

I don’t have problem with greylisng

openletter · March 25, 2021, 7:11pm

If the problem is email in the spam folder, another option might be to use the whitelist_to family of options for spamassassin.

https://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html#whitelist_to-user-example.com

This has the advantages of not affecting other domains hosted by the same MiaB installation as well as not being written over every time MiaB is updated.

Create a unique configuration file /var/spamassassin/uniquefilename.cf

Add one of the following to the file:

whitelist_to *@example.com

Some spammy appearing emails may still get declared spam, so if not strong enough use:

more_spam_to *@example.com

If still not strong enough, use:

all_spam_to *@example.com

Although these examples use * to catch all email addresses for the domain, you could also list the email addresses:

whitelist_to username1@example.com
whitelist_to username2@example.com
...

Be sure to restart stuffs after creating or editing the file:

$ sudo service spamassassin restart
$ sudo service spampd restart
$ sudo service postfix restart

daveteu · March 26, 2021, 1:43am

Allow - Any authenticated users from the box
Allow - Any senders from the same network as stated in mynetworks settings
Reject blacklisted spamhause
Reject Recipients not on this box
And finally check recipient and sender against greylist

It’s an educative post about how smtpd_recipient_restrictions works and how the mails are passed through postfix before reaching spamassassin filtering.

I welcome corrections to my post, and to your views on how to turn off spamassassin. But, accusing me of RECOMMENDING him/her to doing anything out of the norm is unnnecessary and offensive. You don’t need to try to be mr miab-angel in anycase. period.

anivard · March 26, 2021, 6:51am

Hello,

I tried
whitelist_from *@*
in /etc/spamassassin/local.cf

It’s not working.

I think, it’s should be in this file /etc/spamassassin/local.cf

I will change the mail subject with
# rewrite_header Subject *****SPAM*****

But I don’t want the “SPAM-MAIL” in the SPAM folder.

openletter · March 26, 2021, 12:24pm

The file does not have to be named local.cf. I have a conf file currently working that is not local.cf, so it should be fine. (In fact, a recent update of MiaB added its own unique miab_spf_dmarc.cf file that was not there previously.) That said, I have custom configurations in local.cf that have not been overwritten since I created them several versions ago.

Did you try using one of the whitelist_to options and it didn’t work? I am actually curious if it works because I haven’t used it and seemed like the better option for your application.

The whitelist_from option should be adding -100 to spamscore. This is a configuration I am using right now:

$ cat /etc/spamassassin/filename.cf
whitelist_from *@example.xyz

In the email header of mail from example.xyz I see:

* -100 USER_IN_WHITELIST DEPRECATED: See USER_IN_WELCOMELIST

Were you sure to restart all of the services? Maybe it’s possible that *@* isn’t supported for whitelist_from? Otherwise I’m not sure how to make it work.

anivard · March 30, 2021, 7:56pm

Hello,

Then it’s not possible to disable spamd.
But you can “accept” all sender in a whitelist in spamassasin.

In the file : /etc/spamassassin/local.cf

I modified
rewrite_header Subject ***SPAM***
I added
whitelist_from *@*

After reboot the server, it’s simpler.

And now, I don’t have any more mail in the SPAM folder.

system · May 9, 2021, 7:57pm

This topic was automatically closed 40 days after the last reply. New replies are no longer allowed.