# Finally: Direct Postfixbogofilter integration

We’ve been running a pipeline our spam tagging and virus removal for a while. It was integrated into the pipeline via procmail, not directly into postfix.
Well, I finally figured out how to do one of the stages as an integrated tagger within postfix. Turns out to be fairly easy. And I didn’t create the method, I simply adapted it. We can always switch back to the other method if needed.
The original article was about integrating spamassassin into postfix. What I did was remarkably similar.

1st:

adduser somefilter -s /sbin/nologin


(note: I changed the user name to protect the innocent … change the user name to one not broadcast out to the world)
2nd: edit /etc/postfix/master.cf, and add the following

spamfilter unix - n n - - pipe
flags=Rq user=somefilter argv=/usr/local/bin/somefilter -f ${sender} --${recipient}



3rd: edit the line in /etc/postfix/master.cf that handles the SMTP traffic and add the filter

smtp      inet  n       -       n       -       -       smtpd
-o content_filter=spamfilter:dummy


4th: create a file named /usr/local/bin/somefilter (noting that you want to name it something else so that the bad guys don’t know the name of an important file in your mail processing system, and make sure that this name is also represented in the 2nd step at the argv=/path/… setup)

#!/bin/bash
/usr/bin/bogofilter -p -l | /usr/sbin/sendmail -i "$@" exit$?



5th: fix ownership and permissions on this file (using the same caution on naming as in the 4th step)


chown somefilter /usr/local/bin/somefilter
chmod 755 /usr/local/bin/somefilter


6th: restart postfix
postfix reload
Now bogofilter is integrated directly into the postfix MTA.
You can arguably use many filters in this manner. I am keeping spamassassin outside for the moment as the final arbiter of spamminess or not.
Mail runs though Clamav, bogofilter, and spamassassin. We can add additional filters for DSPAM and others as needed.

### 2 thoughts on “Finally: Direct Postfixbogofilter integration”

1. Joe, it seems that a lot of your time & energy goes towards securing your email. I know very little on the subject, only that an e-tailer whom I worked for in 2008 purchased Postini service (owned by Google). They were very happy with the result. Have you evaluated Postini?