Bypass
How to bypass local network with amavis
Resolution
By default, the bypass is not enabled, and we need to enable it as follows:
zmprov mcf zimbraAmavisOriginatingBypassSA TRUE
When its enabled, we need to restart the following services:
zmantispamctl restart zmantivirusctl restart zmamavisdctl restart
Once set, amavis bypasses SpamAssassin for all messages originating internal trusted networks. These networks are configured by modifying the server configuration attribute zimbraMtaMyNetworks:
<attr id="311" name="zimbraMtaMyNetworks" type="astring" max="10240" cardinality="multi" optionalIn="globalConfig,server" flags="serverInherited" requiresRestart="mta"> <desc>value of postfix mynetworks</desc> </attr>
To retrieve current settings:
1. postconf mynetworks 2. zmprov gs `zmhostname` zimbraMtaMyNetworks
Configure MTA networks:
zmprov ms `zmhostname` zimbraMtaMyNetworks '127.0.0.0/8 10.0.0.0/8 192.168.0.0/16'
(note: zmconfigd will automatically restart the MTA processes after this change is made).
The zimbraMtaMyNetworks configuration is then included in Amavis in @mynetworks, which causes those IPs to be white-listed.
Additional Information
$ zmprov desc -a zimbraAmavisOriginatingBypassSA zimbraAmavisOriginatingBypassSA Whether or not Amavis should Bypass SpamAsassin for originating email. Defaults to FALSE type : boolean value : callback : immutable : false cardinality : single requiredIn : optionalIn : globalConfig,server flags : serverInherited defaults : FALSE min : max : id : 1464 requiresRestart : mta since : 8.5.0 deprecatedSince :
Verified Against: Zimbra Collaboration 8.7
Article ID: https://wiki.zimbra.com/index.php?title=How_to_bypass_local_network_with_amavis
Date Created: 03/1/2017
Date Modified: 2018-01-18
-------------