From b5896ba9f6047e7031e2bdee0622d543e11a6734 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 6 May 2024 03:46:30 +0200 Subject: Adding upstream version 3.4.23. Signed-off-by: Daniel Baumann --- proto/CONTENT_INSPECTION_README.html | 92 ++++++++++++++++++++++++++++++++++++ 1 file changed, 92 insertions(+) create mode 100644 proto/CONTENT_INSPECTION_README.html (limited to 'proto/CONTENT_INSPECTION_README.html') diff --git a/proto/CONTENT_INSPECTION_README.html b/proto/CONTENT_INSPECTION_README.html new file mode 100644 index 0000000..98a529d --- /dev/null +++ b/proto/CONTENT_INSPECTION_README.html @@ -0,0 +1,92 @@ + + + + + + +Postfix Content Inspection + + + + + + + +

Postfix +Content Inspection

+ +
+ +

Postfix supports three content inspection methods, ranging from +light-weight one-line-at-a-time scanning before mail is queued, to +heavy duty machinery that does sophisticated content analysis after +mail is queued. Each approach serves a different purpose.

+ +
+ +
before queue, built-in, light-weight
+ +

This method inspects mail BEFORE it is stored in the queue, +and uses Postfix's built-in message header and message body +inspection. Although the main purpose is to stop a specific flood +of mail from worms or viruses, it is also useful to block a flood +of bounced junk email and email notifications from virus detection +systems. The built-in regular expressions are not meant to implement +general SPAM and virus detection. For that, you should use one of +the content inspection methods described below. Details are described +in the BUILTIN_FILTER_README and BACKSCATTER_README documents. +

+ +
after queue, external, heavy-weight
+ +

This method inspects mail AFTER it is stored in the queue, +and uses standard protocols such as SMTP or "pipe to command and +wait for exit status". After-queue inspection allows you to use +content filters of arbitrary complexity without causing timeouts +while receiving mail, and without running out of memory resources +under a peak load. Details of this approach are in the FILTER_README +document.

+ +
before queue, external, medium-weight
+ +

The following two methods inspect mail BEFORE it is stored in the +queue.

+ +
    + +
  • The first method uses the SMTP protocol, and is described +in the SMTPD_PROXY_README document. This approach is available +with Postfix version 2.1 and later.

    + +
  • The second method uses the Sendmail 8 Milter protocol, and +is described in the MILTER_README document. This approach is +available with Postfix version 2.3 and later.

    + +
+ +

Although these approaches appear to be attractive, they have +some serious limitations that you need to be aware of. First, +content inspection software must finish in a limited amount of time; +if content inspection needs too much time then incoming mail +deliveries will time out. Second, content inspection software must +run in a limited amount of memory; if content inspection needs too +much memory then software will crash under a peak load. Before-queue +inspection limits the peak load that your system can handle, and +limits the sophistication of the content filter that you can use. +

+ +
+ +

The more sophisticated content filtering software is not built +into Postfix for good reasons: writing an MTA requires different +skills than writing a SPAM or virus killer. Postfix encourages the +use of external filters and standard protocols because this allows +you to choose the best MTA and the best content inspection software +for your purpose. Information about external content inspection +software can be found on the Postfix website at http://www.postfix.org/, +and on the postfix-users@postfix.org mailing list.

+ + + + -- cgit v1.2.3