They've previously used their Internet Service Provider's (ISP) mail services, but are tired of too much spam coming in and their mail getting tossed into recipient spam folders due to the poor reputation. He's pleased to find that instead of pointing people at documentation and answering questions that are almost all repetition from previous questions he's answered, now he can just tell them to install amavisd-postfix and both he and the user are happy.Įlana has been tasked with establishing the mail infrastructure for a small business. Scott often hangs out in #ubuntu-server and answers questions about how to do mail server related tasks. He installs Ubuntu Server and selects the mail filter subtask in the installer and then (after considering slitting his wrists while configuring LDAP to integrate with the user list in Exchange - Note: consider a future spec for this in the future) he is amazed how everything is integrated and working with spam and virus checks. He considers putting a Linux border MTA to handle spam and anti-virus checks. He's heard a lot of Linux and wants to see if it can help. We want to make this easy and reliable in line with Ubuntu 's core values.īob has an Exchange server that is creaking under the load of running spam filtering and anti-virus checks in addition to the load generated just by Exchange. This is documented, but error prone and intimidating for new server admins. By installing a single package (maybe also at install time) you can have an integrated working setup that is safe to use (by design the false-positive risk is low, but non-zero).Ĭurrently Ubuntu Server offers a good capability for mail filtering, but it requires editing multiple configuration files. Add a new postfix-rbl-add script to the postfix packageĮasy Mail Filtering: A new feature in Ubuntu Server Edition 10.10 (Maverick Meercat) is easy setup of spam and anti-virus filtering with Postfix, Amavisd-new, Spamassassin, Clamav, and Postgrey.Modify dovecot-postfix to provide a standard spam folder and further modify the amavisd-new configuration to tag and deliver spam to this folder.Convert the mail-server task in tasksel into a task category and have three subtasks: basic (current mail-server), mail-delivery (dovecot-postfix), mail-filter (the new package from this spec).Add greylisting via postgrey (MIR required) and integrate it via postfix-policy-add.It will use postconf and postfix-filter-add to configure postfix to filter mail with amavisd-new This package will also drop in a new amavisd-configuration file to enable spam and antivirus filtering.
Create a new package that depends on postfix, amavisd-new, clamav, and spamassassin.The design principle is that the default configuration will be conservative and prefer incomplete filtering over false positives. In this spec we will create a new package that will provide an out of the box working setup that provides a safe, functional mail filtering system. Packages affected: New amavisd-postfix package, perhaps others most notably taskselĬurrently setting up spam and anti-virus filtering takes a lot of editing of configuration files and is not easy for a new Ubuntu Server users to get set up and working. This is a record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.Launchpad Entry: server-maverick-mail-integrationĬontributors: ScottKitterman, AnteKaramatic, Thierry Carrez Necessarily indicate when this vulnerability wasĭiscovered, shared with the affected vendor, publicly The CVE ID was allocated or reserved, and does not XF:spamassassin-expand-command-execution(56732)ĭisclaimer: The record creation date may reflect when.FULLDISC:20100307 Spamassassin Milter Plugin Remote Root.Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.
0 kommentar(er)
