Postfix: content-filter vs. milter

linux postfix email-server spam-filter
5,748

Solution 1

The main difference is that Milter happens pre-queue, i.e. before Postfix accepts the mail. Content filtering happens post-queue.

It depends on the circumstances and the resources you have available. In general, post-queue content filtering in my experience is less resource intensive. Postfix handles the SMTP transactions, queue's the mail and this can happen relatively quickly and painlessly. Postfix is very efficient in this regard and then the content filter can appear (in your case amavis) and take over scanning the email.

The downside to the post-queue approach is that Postfix cannot reject the mail in real-time. It is preferable to reject as much email as possible within the SMTP transaction itself, to avoid bouncing mail. Why? Because lots of spam, viruses and other emails you want to block/reject are sent from non-existent or bogus email addresses. When this occurs, you have a double-bounce effect and these mails tend to fill your queue. Another alternative is that your mailserver is bouncing email to an unintended recipient (i.e. an email that exists that was used for spamming.)

I would always suggest using lightweight stuff via the milter or SMTPD proxy readme and leave the heavy processing until the content-filter stage. So it would depend what amavis is using and what resources you have available to you. It is preferable to be able to run amavis as a milter during the SMTP transaction phase, but it may not be practical.

My advice would be to try this if you are unsure and to benchmark the before and after. Noone is really going to be able to advise you definitively on your situation, as your mail volume, profile and hardware will differ from most people.

Solution 2

It's also nice having amavis post-queue (as a content filter) as it makes it easier to clean up a mess if amavis breaks - postfix will just spool the mail.

Share:
5,748

Related videos on Youtube

user2725402
Author by

user2725402

Updated on September 17, 2022

Comments

  • user2725402
    user2725402 almost 2 years

    I have a Postfix mailserver with content filtering using AMaViS via the "content-filter" option of Postfix. Now I wonder whether it would be better to use AMaViS as a milter instead of the contet-filter approach.

    Which approach is faster? / Which approach takes less resources? Which approach causes less trouble?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

postfix: Temporary lookup failure for FQDN
Postfix limit number of emails send in a month/Day
Reverse proxy for mailserver (SMTP + HTTP for web client)
How to configure postfix for per-sender SASL authentication
Dovecot with Postfix on Ubuntu: warning: SASL: Connect to private/auth-client failed: No such file or directory
How to stop double-bounce FROM sender in postfix
Configuring postfix to handle email on multiple domains without being an open relay
Why does gmail flag my server emails as spam?
postfix/dovecot says "postmaster_address setting not given" but it is
Configuring outgoing mail to port 587 on Ubuntu/Postfix