Bypass amavis content filter for all authenticated/outbound emails
I thought i would share with you a method of using a single IP to both scan inbound emails with amavis and bypass the content filter for outbound emails.
you need the package: postfix-pcre
create /etc/postfix/content_filter.pcre /^/ FILTER amavis:[127.0.0.1]:10024
in main.cf:
content_filter = smtpd_data_restrictions = reject_unauth_pipelining, permit_sasl_authenticated, check_sender_access pcre:/etc/postfix/content_filter.pcre
in master.cf you need to reset smtpd_data_restrictions=
amavis unix - - - - 8 smtp -o smtpd_data_restrictions= -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o fallback_relay=localhost:10025
127.0.0.1:10025 inet n - n - - smtpd -o content_filter= -o local_recipient_maps= -o relay_recipient_maps= -o smtpd_restriction_classes= -o smtpd_client_restrictions= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_data_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o strict_rfc821_envelopes=yes -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks -o smtpd_bind_address=127.0.0.1
So it is basically saying by default there is no content filter, then the smtpd_data_restrictions check if the connection is authenticated if so no further checks are made, if not the check_sender_access rule will send /^/ ALL email to the amavis filter.
Works great for me
Bill