How to bypass local network with amavis

Resolution

By default, the bypass is not enabled, and we need to enable it as follows:

zmprov mcf zimbraAmavisOriginatingBypassSA TRUE 

When its enabled, we need to restart the following services:

zmantispamctl restart  zmantivirusctl restart  zmamavisdctl restart 

Once set, amavis bypasses SpamAssassin for all messages originating internal trusted networks. These networks are configured by modifying the server configuration attribute zimbraMtaMyNetworks:

<attr id="311" name="zimbraMtaMyNetworks" type="astring" max="10240" cardinality="multi" optionalIn="globalConfig,server" flags="serverInherited"  requiresRestart="mta">  <desc>value of postfix mynetworks</desc> </attr>

To retrieve current settings:

1. postconf mynetworks 2. zmprov gs `zmhostname` zimbraMtaMyNetworks

Configure MTA networks:

zmprov ms `zmhostname` zimbraMtaMyNetworks '127.0.0.0/8 10.0.0.0/8 192.168.0.0/16'

(note: zmconfigd will automatically restart the MTA processes after this change is made).

The zimbraMtaMyNetworks configuration is then included in Amavis in @mynetworks, which causes those IPs to be white-listed.

Additional Information

$ zmprov desc -a zimbraAmavisOriginatingBypassSA zimbraAmavisOriginatingBypassSA    Whether or not Amavis should Bypass SpamAsassin for originating email.    Defaults to FALSE                type : boolean              value :           callback :          immutable : false        cardinality : single         requiredIn :         optionalIn : globalConfig,server              flags : serverInherited           defaults : FALSE                min :                max :                 id : 1464    requiresRestart : mta              since : 8.5.0    deprecatedSince :

-------------