Server Side Spam Filter

Similar Messages

• How do I define server-side spam rules with Yosemite & Server 4

  Really surprised that this isn't functionality available in the server UI. Poking around in the dovecot/spamassassin docs imply this is possible using sieve, but the configuration looks more complex than I'd like to have to figure out on my own. It seems that sieve might be possible to use. In /Library/Server/Mail/Config/dovecot/conf.d, the option sieve_dir is uncommented, pointing to /Library/Server/Mail/Data/rules/%u. That seems to imply I could create user directories there and apply some sieve rules, has anyone tried this?
  I'd rather not do user-specific rules, I'd prefer to use the default and attempt to move all spam into a spam folder for each user.
  I've seen notes that the webmail client Roundcube provided server-side rules, but I really don't need the web mail client, and various search results seem to raise questions about whether Roundcube is compatible with Sever 4 / Yosemite.
  Any help would be appreciated...

  Was able to get it working with some digging. The basic summary is that you need to create a rules directory for each mail user, and then add a sieve rule in each of the directories you create. I did this manually, which is manageable because I'm using OS X server for my household, and we don't add members to my household that often... :-). Summary of the steps:
  1) Each user has a directory in /Library/Server/Mail/Data/mail that is in UUID format (long hex string with sections broken by - characters).
  2) For each of the users you identify in (1), create an equivalent UUID directory in /Library/Server/Mail/Data/rules
  3) Create a file named "dovecot.sieve" in each of the directories you created in (2). For a basic rule that moves mail marked by SpamAssassin as spam to the Junk folder that Mail.app should create by default, you can use the following:
       require ["fileinto"];
       # rule:[SPAM]
       if header :contains "X-Spam-Flag" "YES" {
               fileinto "Junk";
  4) Ensure that all of the directories/files are owned by _dovecot. I marked dovecot.sieve as executable, but I'm not sure that was necessary.
  5) Once you've done steps 1-4, you should start to see evidence that sieve is being used for delivery of mail in /Library/Logs/Mail/mailinfo.log. Grep for "sieve" in that to see activity. If there are errors, you'll likely see notices that there are sieve logs being created in the rules directories you set up in (2). I ran into errors for at least one account that didn't have a Junk folder created; if you hit that just have the user create a folder named Junk to clear it up.
  Hope this helps others...

• Using OS X Server as Spam Filter Passthrough

  Can OS X server be used to Scan Emails before they are sent to an Exchange server? We are trying to find a way to better filter spam before it gets to a users inbox. I was wondering if OS X server either Tiger or Panther are able to have mail sent to it, Scan the mail, Filter the Spam then forward it to an exchange server?
  If so can I do it through the server admin or do I need to edit some config file?

  As I said before. Can't be done through Server Admin. You will need to modify configuration files.
  Start by looking at this thread:
  http://discussions.apple.com/thread.jspa?messageID=1795596&#1795596
  There is far more info than you need. Take Jeff's example setup. Pretend your OS X Server is Server 1 and your Exchange Server is Server 2&3.

• OSX Server as spam filter only and not mail server?

  We have a mail server runnning on a Sun RAQ 550. I was wondering if I could set up OSX server 10.3.9 for spam filtering only. That is, filter spam for our domain, but have not have any accounts set up on it. Is this possible?
  Thanks in advance.

  Sorry, don't mean to be rude, but this has been answered about 5 times on this board. This is what the search function is for.
  Anyway, here we go again:
  Yes it is possible. 10.4.x has all you need. For 10.3.x you will have to manually install amavisd, spamassassin and clamAV. How-to has been discussed as well here and on http://www.afp548.com
  Once you have it everything installed, it is a matter of tweaking a few configuration files to forward scanned mail to your actual mail server.

• SpamAssassin Rating high but Mail-Spam-Filter doesn't catch it

  I have SpamAssassin running on my Mail-Server and Mail set to trust the server-side-spam-filter (And as Apple states SpamAssassin is compatible (even used in OS X Server)).
  Most Spam gets crunched but I have some that I get over and over again although the SpamAssassin rating is set and often even above 9.
  Can I somehow make Mail more sensitive to the rating?
  (I don't want to use a custom rule to sort it because then the new mail sound will play for any spam as well.)

  No, it doesn’t make sense. You may want to read Mail Help’s “Automatically processing email” article to better understand how rules work in Mail.
  the rules operate before the messages are placed in any mailbox
  Rules are fully applied to each message, one at a time, in the order they appear in the list. How could it be otherwise? What you say doesn’t make sense to me...
  What I should have also suggested is 'stop evaluating rules' on the first rule
  That would be redundant and useless. Mail stops evaluating rules for messages moved to another mailbox by a preceding rule.
  Rule 2 exists only to make the sound
  Problem is, it would also play the sound for junk messages not caught by the first rule.
  I suggested 'To includes @' to catch all mail not filtered out by rule 1
  Not sure what you mean. If you want the second rule to be applied to every message not caught by the first rule, there is an Every message condition for that.
  perhaps move to inbox isn't necessary?
  Not only is it unnecessary. As I said, it might cause an infinite loop that Mail cannot handle properly.
  This way the spam won't trigger the sound but everything else will.
  And that’s precisely part of the problem, that everything else, including junk mail caught by the built-in junk filter (which is applied after all the other rules), will trigger the sound...

• Iphone spam filter

  Is there a spam filter for mail on the iphone?

  No. If you need spam filtering, get a mail service which offers server side spam filtering.

• Spam filter for email server

  Depends on what you want to pay. There are various ways of doing this.
  1. block at your firewall. I have a watchguard and this acts as my first line of defense.
  2. Install an app on your mail server - I have Symantic for Exchange as my second line 
  but then you can go and signup to outside organisations such as messagelabs to handle all your filtering for you.

  hi all,
  im running postfix+dovecot for an email server and i want a spam filter to go infront of postfix so it can filter out spam before it gets anywhere near my email server
  also i imagine with spam filters you can set your own spam policies and allow good senders and block bad senders
  many thanks
  rob
  This topic first appeared in the Spiceworks Community

• Messaging server spam filter

  Hi All,
  We are using messaging server.
  root@node1 # imsimta version
  Sun Java(tm) System Messaging Server 7.3-11.01 64bit (built Sep 1 2009)
  libimta.so 7.3-11.01 64bit (built 19:54:45, Sep 1 2009)
  Using /opt/sun/comms/messaging64/config/imta.cnf (compiled)
  SunOS node1 5.10 Generic_141444-09 sun4v sparc SUNW,Sun-Blade-T6320
  We are facing problem with spam filter once we declare [email protected] is SPAM message next time is any message come from abc@example it should move to the SPAM folder.But it is not happening with out mail server.Please help me.
  Regards
  kk

  kkdas wrote:
  We are facing problem with spam filter once we declare [email protected] is SPAM message next time is any message come from abc@example it should move to the SPAM folder.
  How are you "declaring" [email protected] to be a "Spam" message?
  Sun Messaging Server will only file an email to the Spam folder if you have configured your third-party anti-spam software to flag the email as Spam (e.g. add a custom header) and have written the appropriate channel filter.
  This has already been discussed here:
  http://forums.sun.com/thread.jspa?threadID=5422791&messageID=10932615
  Regards,
  Shane.

• Server-side filtering to subfolder for all users (spamassassin)

  Hello,
  I am trying to integrate a 3rd-party spam filter/virus scanner, it is just spamassassin/amavisd-new running on a front-end box that adds an X-Spam-Flag: YES header to the message before passing it on. This works great on our current postfix/cyrus-imap system using individual cyrus sieve server side filters to look for the flag and move the message into the user's spam folder.
  My question is how to do this in a universal way on OCS, I have been reading through the docs and think server-side filters are the answer, but I can't seem to find a way to set up a system-wide filter that will put the incoming message into the recipients' spam subfolder. Does anyone have any clues on this? I think the key here is to somehow be able to use the recipient name as a variable to pass as a parameter to the moveto action, but I can't see a way to do this. Any pointers would be appreciated.

  You can do this in a single system wide rule, but it's undocumented and technically unsupported.
  First of all, checking the spam-flag in a system side Deliver rule is straightforward:
  <condition>
  <attribute tag="xheader" param="X-Spam-Flag"/>
  <operator caseSensitive="no" op="stringequal"/>
  <operand>YES</operand>
  </condition>
  (Checking on the subject is OK too, if you rewrite it through SpamAssassin.)
  Then to move to a folder, you'll need an external PL/SQL action since the full folder name will vary for each user:
  <action>
  <command tag="call"/>
  <parameter>SpamCheck.moveMsg</parameter>
  <parameter>parameter1</parameter>
  <parameter>parameter2</parameter>
  </action>
  Then the tricky part is the Pl/SQL to do the move, using the undocumented es_ga.g_username variable. This is the only way to know which mailbox context you're currently in for the deliver event at the system level. Without this, you need a separate rule for every user. Here's the bare bones of a procedure that would do it.
  procedure moveMsg(p_eventid in integer,
  p_sessionid in integer,
  p_msgobj in mail_message_obj,
  myparam1 in varchar2,
  myparam2 in varchar2,
  p_status out number)
  is
  this_user varchar2(255);
  mList MAIL_MESSAGE_LIST;
  Begin
  this_user := es_ga.g_username;
  mList:=MAIL_MESSAGE_LIST(p_msgobj);
  mail_folder.move_messages(p_sessionid, mList, '/' || es_ga.g_username || '/ServerMove');
  end MoveToSpam;
  You probably want to add some exception handling, etc. to that ;-) More info on the Pl/SQL API in general is in the Mail Application Dev Guide.

• Spam filter available?

  I gave up my iphone and switched to a blackberry as I get
  so many spam emails and there was not spam filter available.
  Has that changed yet or are they working on it?

  There are no spam filters for the iPhone. All of that filtering has to be done server side.
  What email are you using? I get very little spam on my phone due to good filtering on my work server and Gmail.

• No more anti-spam filter or block list updates?

  Our Exchange Server 2007 (Enterprise) was receiving these updates rather frequently until February 2nd. There was a connection error but then nothing. I just looked in the Microsoft update catalog and the server
  is has the latest updates (compared against the Exchange console).
  What gives? Did support stop? Or, when will the spam and block list updates resume? Our spam has increased dramatically since that date... I've been searching a lot but everything I find only talks about having
  that service enabled, which it is.
  TIA
  Here are the latest versions I have installed:
  Microsoft Exchange Server 2007 Enterprise Block List Updates v3.3.14529.029    (2/2/2015)
  Microsoft Exchange Server 2007 Enterprise Anti-spam Filter Updates v3.3.14528.472    (1/29/2015)

  Thank you for trying to help and offering that reply. I did try that originally. I've disabled and re-enabled both through the command line and through the management console. Everything shows that the updates
  are off/on (as I make the change), indicating all the commands are working as they should.
  Unfortunately, it seems there just aren't any updates. It doesn't make any sense. When I go to the link below, I don't see anything there beyond February
  1st. And, I have all the updates through then (on the block/spam side) and I can receive manually and automatically all the updates for SBS 2008 in general since. It's just this one product feature not working/updating...
  Is anybody getting updates for Exchange 2007 Enterprise?
  Here's the link that's not showing any updates since February 1st, 2015:
  http://catalog.update.microsoft.com/v7/site/Rss.aspx?q=exchange+server+2007+anti-spam&lang=en

• Spam - Cloudmark Desktop equivalent (spam filter addon)

  I understand there are a lot of threads about spam, we all hate it and we all want to get rid of it... this thread is about finding a Cloudmark Desktop plugin equivalent for the MAC OS.
  I'm a switcher, and with outlook on the pc i was able to use this nifty tool to get rid of spam for the most part. currently i end up with 200 spam emails on average per day using Mail on the mac. For a little while i've tried using the onboard spam learning filters, but i've stopped using them as i'm trying afraid of missing legit emails so i'm trying to find a solution much like I had before with Cloudmark.
  Or... maybe the solution is a simple one... learn the Mail filers better?
  Thank you for your time, and any help or light you can shine upon this everlasting subject.
  Mac Pro Mac OS X (10.4.8)

  Rick,
  In response to:
  Mmmm, no I'm not here to teach you how to run a
  public internet mail server
  (public-to-the-internet).
  You should have learned mailserver basics before you
  started running a public server.
  Horde and Squirrel are not mail servers. They are
  WebMail or IMAP clients.
  Email server software for Linux might be 'qmail',
  'postfix'.
  Correct, Horde etc. are my webmail clients. I mentioned these because I assumed you wanted to get in to the SpamAssassin and BoxTrapper configurations.
  My mail server is exim 4.63.
  SpamAssassin and BoxTrapper are both good. They will
  very rarely let you "lose" mail, depending on your
  configuration.
  If you installed all these applications to work
  side-by-side with your mailserver, I would have
  expected more informed answers (But that's not bad!)
  My apologies.
  Filtering that happens on the server can solve much
  of your 200-Junk-Mails-per-day.
  You just have a lot to learn. And we're getting off
  topic.
  If I knew everything, I wouldn't be asking questions
  We weren't wasting time.
  You got some good suggestions about Cloudmark
  replacements.
  (spamfire, spamsieve)
  We had a little chat about filtering being done on
  the server.
  We were starting to drift off the subject.
  I was referring to not intending on wasting your personal time as some your responses seem a little rough around the edges.
  You simply couldn't answer questions about your mail
  server, that you should have known the answer for
  (name of email server software, etc).
  No biggie.
  ... Exim 4.63
  Check my profile, and drop me a note off-list, if you
  want some different tips or help with your server.
  I appreciate the offer.
  For anyone following this topic I've done the following:
  - Decided not to purchase a third party spam filter addon at this time.
  - Although I've looked in to server side SpamAssassin and BoxTrapper configurations, I've decided to not use either of these for now as I'm trying to teach Mac Mail's spam filter the ropes. I always hesitate to auto-delete emails in fear I might miss something. Being that I normally use Mac Mail, I'd have to sift through the **SPAM** mails generated by SpamAssassin anyways. As I'm teaching Mail to identify spam, I don't think counting one then the other would do anything more than confuse the process and make more work for me in the long run. (I could be wrong.)
  - Using exclusively Mac Mail's spam filter I've manually sifted through over 7,000 spam messages in hopes to teach the software what I'm looking for it to identify.
  - Of these 7,000 spam messages, I 'bounced' them all back using Mail... every one of them. This was done somewhat out of frustration, but if I understand this correctly spammers don't want to waste their time and resources emailing bad emails. By bouncing emails back to the source (if the spam email was valid) I'm hoping to get knocked off spam lists over time. I had a brief concern of server load, but everything was smooth. A drawback is many of the spam emails are not valid, so getting many returned mails is part of the process, and honestly it's worth it. (for me)
  - I don't think my spam problem will ever go away entirely. I'll always have to manually scan all emails at least briefly. The hope is to get Mail's spam filter accurate so suspected spam is in a spam box, and my regular mail boxes are clean. When it's time to manually scan the junk mail box, in time it should be pretty quick.
  Thank you to everyone's helpful responses, as Rick mentioned indeed I have much to learn!

• Radius server not returning Filter-id information to access device

  I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
  and I'm trying to use it to authenticate to a Watchguard Firebox II
  firewall. The authentication functions but apparently the firewall is
  not getting (or not parsing) the Filter-Id information to assign access
  rights via groups. When I login to the firewall with "user1", the
  response is "Authenticationsucceeded, but no access grantedfor user". If
  I define "user1" on the firewall and assign it to an access policy, then
  everything works. But if I define an access group "group1" and assign
  it to an access policy on the firewall and then assign "group1" to the
  eDir Access Profile object that is assigned to "user1", (Filter-Id =
  group1) I get the above authentication succesful, but no access granted.
  Is there a way to identify exactly what information is being sent from
  the Radius server to the access device so I can determine if the problem
  is on the Novell Radius server side or the Watchguard Firewall side?
  I've activated the Radius Debug Log, but that only tells me that it
  finds all the relevant objects in eDirectory and that authentication is
  successfull, but there is no indication that any other information is
  being sent to the access device.
  As I understand it, the filer-id's are supposed to allow a link between
  the eDir user objects and what access rights are allowed on the access
  device (firewall). Essentially this is how I define group memberships on
  the firewall using eDir user. Is this assumption correct?
  The goal of course is to allow access over the firewall without having
  to type in 500 user names on the firewall.
  Any ideas or tips on what I could check or configure differently would
  be helpful. thanks
  bill reading

  thanks for the feedback. I will take a look at the thread you mentioned
  and I'll get back to you with the trace as soon as I can arrange it.
  Scott Kiester wrote:
  > There is a thread titled "RADIUS Group with VASCO Digipass" in this group
  > from November where someone else was trying to use the filter-Id attribute
  > with their firewall. The customer was able to get this attribute to working
  > after tweaking his RADIUS configuration.
  >
  > Your understanding of the filter-Id attribute is correct. Either the RADIUS
  > server is not sending this attribute for some reason, or something on your
  > firewall has been misconfigured. A good starting point would be to take a
  > sniffer trace to see if the filter-Id attribute is in the access-request
  > packet. (You can use Ethereal, which is a free download from
  > www.ethereal.com, for the trace.) Post the trace here or send it to me at
  > [email protected] and I'll take a look at it.
  >
  >
  >>>>bill reading<[email protected]> 12/07/04 8:36 AM >>>
  >
  > I have set up a Radius server (v. 4.15 16 april 2003) on NW65sp2 server
  > and I'm trying to use it to authenticate to a Watchguard Firebox II
  > firewall. The authentication functions but apparently the firewall is
  > not getting (or not parsing) the Filter-Id information to assign access
  > rights via groups. When I login to the firewall with "user1", the
  > response is "Authenticationsucceeded, but no access grantedfor user". If
  > I define "user1" on the firewall and assign it to an access policy, then
  > everything works. But if I define an access group "group1" and assign
  > it to an access policy on the firewall and then assign "group1" to the
  > eDir Access Profile object that is assigned to "user1", (Filter-Id =
  > group1) I get the above authentication succesful, but no access granted.
  > Is there a way to identify exactly what information is being sent from
  > the Radius server to the access device so I can determine if the problem
  > is on the Novell Radius server side or the Watchguard Firewall side?
  > I've activated the Radius Debug Log, but that only tells me that it
  > finds all the relevant objects in eDirectory and that authentication is
  > successfull, but there is no indication that any other information is
  > being sent to the access device.
  >
  > As I understand it, the filer-id's are supposed to allow a link between
  > the eDir user objects and what access rights are allowed on the access
  > device (firewall). Essentially this is how I define group memberships on
  > the firewall using eDir user. Is this assumption correct?
  >
  > The goal of course is to allow access over the firewall without having
  > to type in 500 user names on the firewall.
  >
  > Any ideas or tips on what I could check or configure differently would
  > be helpful. thanks
  >
  > bill reading
  >
  >

• Amavisd not running, mails not delivered when spam filter is enabled

  Hey everyone,
  So I've got a slight problem here with a 10.4.11 server. Our spam filter was set to be too tolerant of spam, allowing a threshold 22.0 before bouncing it, so through the command line I edited /etc/amavisd.conf to $sa_kill_level_deflt = 6.0; tag2 is set to 3.0. Then I bounced amavisd via:
  sudo /bin/launchctl unload /System/Library/LaunchDaemons/org.amavis.amavisd.plist
  sudo /bin/launchctl load /System/Library/LaunchDaemons/org.amavis.amavisd.plist
  Well that caused all sorts of whacky issues with the queue. The server couldn't connect to itself and wouldn't deliver any mail, only queue it up. So I went back in to amavisd.conf and changed the parameters back to default, then bounced amavisd again. To no avail. Then I restored from a backup file I had created and bounced amavisd again to no avail.
  Finally I removed the junkmail and virus filters via SA, saved, then reenabled them to no avail. Then I just disabled them and mail is flowing again, but I still have 187 messages in my queue that wont get delivered no matter how many times I flush it.
  After more research, I issued a ps -U clamav to see if amavisd is running, below are the only results I get:
  PID TT STAT TIME COMMAND
  1291 ?? Ss 0:00.01 freshclam -d -D -pfreshclam.pid -c 1
  I would assume it is NOT running...? I next issued amavisd to see if it throws any errors, and get the following:
  ERROR: MISSING REQUIRED BASIC MODULES:
  MIME::Parser
  BEGIN failed--compilation aborted at /usr/bin/amavisd line 139.
  So my next question is how do I repair amavisd so I can get it to run so I can reenable the content filter. Here are the results of postconf in case you need them:
  2bounce_notice_recipient = postmaster
  access_map_reject_code = 554
  address_verify_default_transport = $default_transport
  address_verify_local_transport = $local_transport
  address_verify_map =
  address_verify_negative_cache = yes
  address_verify_negative_expire_time = 3d
  address_verify_negative_refresh_time = 3h
  address_verify_poll_count = 3
  address_verify_poll_delay = 3s
  address_verify_positive_expire_time = 31d
  address_verify_positive_refresh_time = 7d
  address_verify_relay_transport = $relay_transport
  address_verify_relayhost = $relayhost
  address_verify_sender = postmaster
  address_verify_service_name = verify
  address_verify_transport_maps = $transport_maps
  address_verify_virtual_transport = $virtual_transport
  alias_database = hash:/etc/aliases
  alias_maps = hash:/etc/aliases
  allow_mail_to_commands = alias, forward
  allow_mail_to_files = alias, forward
  allow_min_user = no
  allow_percent_hack = yes
  allow_untrusted_routing = no
  alternate_config_directories =
  always_bcc =
  append_at_myorigin = yes
  append_dot_mydomain = yes
  application_event_drain_time = 100s
  backwards_bounce_logfile_compatibility = yes
  berkeley_db_create_buffer_size = 16777216
  berkeley_db_read_buffer_size = 131072
  best_mx_transport =
  biff = yes
  body_checks =
  body_checks_size_limit = 51200
  bounce_notice_recipient = postmaster
  bounce_queue_lifetime = 5d
  bounce_service_name = bounce
  bounce_size_limit = 50000
  broken_sasl_auth_clients = no
  canonical_maps =
  cleanup_service_name = cleanup
  command_directory = /usr/sbin
  command_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
  command_time_limit = 1000s
  config_directory = /etc/postfix
  content_filter =
  daemon_directory = /usr/libexec/postfix
  daemon_timeout = 18000s
  debug_peer_level = 2
  debug_peer_list =
  default_database_type = hash
  default_delivery_slot_cost = 5
  default_delivery_slot_discount = 50
  default_delivery_slot_loan = 3
  default_destination_concurrency_limit = 20
  default_destination_recipient_limit = 50
  default_extra_recipient_limit = 1000
  default_minimum_delivery_slots = 3
  default_privs = nobody
  default_process_limit = 100
  default_rbl_reply = $rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}
  default_recipient_limit = 10000
  default_transport = smtp
  default_verp_delimiters = +=
  defer_code = 450
  defer_service_name = defer
  defer_transports =
  delay_notice_recipient = postmaster
  delay_warning_time = 0h
  deliver_lock_attempts = 20
  deliver_lock_delay = 1s
  disable_dns_lookups = no
  disable_mime_input_processing = no
  disable_mime_output_conversion = no
  disable_verp_bounces = no
  disable_vrfy_command = no
  dont_remove = 0
  double_bounce_sender = double-bounce
  duplicate_filter_limit = 1000
  empty_address_recipient = MAILER-DAEMON
  enable_errors_to = no
  enable_original_recipient = yes
  enable_server_options = yes
  error_notice_recipient = postmaster
  error_service_name = error
  expand_owner_alias = no
  export_environment = TZ MAIL_CONFIG
  fallback_relay =
  fallback_transport =
  fast_flush_domains = $relay_domains
  fast_flush_purge_time = 7d
  fast_flush_refresh_time = 12h
  fault_injection_code = 0
  flush_service_name = flush
  fork_attempts = 5
  fork_delay = 1s
  forward_expansion_filter = 1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ
  forward_path = $home/.forward${recipient_delimiter}${extension}, $home/.forward
  hash_queue_depth = 1
  hash_queue_names = incoming, active, deferred, bounce, defer, flush, hold, trace
  header_address_token_limit = 10240
  header_checks =
  header_size_limit = 102400
  helpful_warnings = yes
  home_mailbox =
  hopcount_limit = 50
  html_directory = no
  ignore_mx_lookup_error = no
  import_environment = MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY
  in_flow_delay = 1s
  inet_interfaces = all
  initial_destination_concurrency = 5
  invalid_hostname_reject_code = 501
  ipc_idle = 100s
  ipc_timeout = 3600s
  ipc_ttl = 1000s
  line_length_limit = 2048
  lmtp_cache_connection = yes
  lmtp_connect_timeout = 0s
  lmtp_data_done_timeout = 600s
  lmtp_data_init_timeout = 120s
  lmtp_data_xfer_timeout = 180s
  lmtp_destination_concurrency_limit = $default_destination_concurrency_limit
  lmtp_destination_recipient_limit = $default_destination_recipient_limit
  lmtp_lhlo_timeout = 300s
  lmtp_mail_timeout = 300s
  lmtp_quit_timeout = 300s
  lmtp_rcpt_timeout = 300s
  lmtp_rset_timeout = 120s
  lmtp_sasl_auth_enable = no
  lmtp_sasl_password_maps =
  lmtp_sasl_security_options = noplaintext, noanonymous
  lmtp_send_xforward_command = no
  lmtp_skip_quit_response = no
  lmtp_tcp_port = 24
  lmtp_xforward_timeout = 300s
  local_command_shell =
  local_destination_concurrency_limit = 2
  local_destination_recipient_limit = 1
  local_recipient_maps =
  local_transport = local:$myhostname
  luser_relay = undeliverable
  mail_name = Postfix
  mail_owner = postfix
  mail_release_date = 20040915
  mail_spool_directory = /var/mail
  mail_version = 2.1.5
  mailbox_command =
  mailbox_command_maps =
  mailbox_delivery_lock = flock
  mailbox_size_limit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  maps_rbl_domains =
  maps_rbl_reject_code = 554
  masquerade_classes = envelope_sender, header_sender, header_recipient
  masquerade_domains =
  masquerade_exceptions =
  max_idle = 100s
  max_use = 100
  maximal_backoff_time = 4000s
  maximal_queue_lifetime = 5d
  message_size_limit = 0
  mime_boundary_length_limit = 2048
  mime_header_checks = $header_checks
  mime_nesting_limit = 100
  minimal_backoff_time = 1000s
  multi_recipient_bounce_reject_code = 550
  mydestination = $myhostname,localhost.$mydomain,localhost,mail.mnn.org,$mydomain,youthchannel.o rg,mnn.org
  mydomain = mnn.org
  mydomain_fallback = localhost
  myhostname = mail.mnn.org
  mynetworks = 127.0.0.0/8,192.168.0.0/16,216.164.83.160/27
  mynetworks_style = host
  myorigin = $myhostname
  nested_header_checks = $header_checks
  newaliases_path = /usr/bin/newaliases
  non_fqdn_reject_code = 504
  notify_classes = resource, software
  owner_request_special = yes
  parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_a uthorized_clients,relay_domains,smtpd_access_maps
  permit_mx_backup_networks =
  pickup_service_name = pickup
  prepend_delivered_header = command, file, forward
  process_id_directory = pid
  propagate_unmatched_extensions = canonical, virtual
  proxy_interfaces =
  proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks
  qmgr_clog_warn_time = 300s
  qmgr_fudge_factor = 100
  qmgr_message_active_limit = 20000
  qmgr_message_recipient_limit = 20000
  qmgr_message_recipient_minimum = 10
  qmqpd_authorized_clients =
  qmqpd_error_delay = 1s
  qmqpd_timeout = 300s
  queue_directory = /private/var/spool/postfix
  queue_file_attribute_count_limit = 100
  queue_minfree = 0
  queue_run_delay = 1000s
  queue_service_name = qmgr
  rbl_reply_maps =
  readme_directory = /usr/share/doc/postfix
  receive_override_options =
  recipient_bcc_maps =
  recipient_canonical_maps =
  recipient_delimiter =
  reject_code = 554
  relay_clientcerts =
  relay_destination_concurrency_limit = $default_destination_concurrency_limit
  relay_destination_recipient_limit = $default_destination_recipient_limit
  relay_domains = $mydestination
  relay_domains_reject_code = 554
  relay_recipient_maps =
  relay_transport = relay
  relayhost =
  relocated_maps =
  require_home_directory = no
  resolve_dequoted_address = yes
  resolve_null_domain = no
  rewrite_service_name = rewrite
  sample_directory = /usr/share/doc/postfix/examples
  sender_based_routing = no
  sender_bcc_maps =
  sender_canonical_maps =
  sendmail_path = /usr/sbin/sendmail
  service_throttle_time = 60s
  setgid_group = postdrop
  show_user_unknown_table_name = yes
  showq_service_name = showq
  smtp_always_send_ehlo = yes
  smtp_bind_address =
  smtp_connect_timeout = 30s
  smtp_data_done_timeout = 600s
  smtp_data_init_timeout = 120s
  smtp_data_xfer_timeout = 180s
  smtp_defer_if_no_mx_address_found = no
  smtp_destination_concurrency_limit = $default_destination_concurrency_limit
  smtp_destination_recipient_limit = $default_destination_recipient_limit
  smtp_enforce_tls = no
  smtp_helo_name = $myhostname
  smtp_helo_timeout = 300s
  smtp_host_lookup = dns
  smtp_line_length_limit = 990
  smtp_mail_timeout = 300s
  smtp_mx_address_limit = 0
  smtp_mx_session_limit = 2
  smtp_never_send_ehlo = no
  smtp_pix_workaround_delay_time = 10s
  smtp_pix_workaround_threshold_time = 500s
  smtp_quit_timeout = 300s
  smtp_quote_rfc821_envelope = yes
  smtp_randomize_addresses = yes
  smtp_rcpt_timeout = 300s
  smtp_rset_timeout = 120s
  smtp_sasl_auth_enable = no
  smtp_sasl_password_maps =
  smtp_sasl_security_options = noplaintext, noanonymous
  smtp_sasl_tls_security_options = $var_smtp_sasl_opts
  smtp_sasl_tls_verified_security_options = $var_smtp_sasl_tls_opts
  smtp_send_xforward_command = no
  smtp_skip_5xx_greeting = yes
  smtp_skip_quit_response = yes
  smtp_starttls_timeout = 300s
  smtp_tls_CAfile =
  smtp_tls_CApath =
  smtp_tls_cert_file =
  smtp_tls_cipherlist =
  smtp_tls_dcert_file =
  smtp_tls_dkey_file = $smtp_tls_dcert_file
  smtp_tls_enforce_peername = yes
  smtp_tls_key_file = $smtp_tls_cert_file
  smtp_tls_loglevel = 0
  smtp_tls_note_starttls_offer = no
  smtp_tls_per_site =
  smtp_tls_scert_verifydepth = 5
  smtp_tls_session_cache_database =
  smtp_tls_session_cache_timeout = 3600s
  smtp_use_tls = no
  smtp_xforward_timeout = 300s
  smtpd_authorized_verp_clients = $authorized_verp_clients
  smtpd_authorized_xclient_hosts =
  smtpd_authorized_xforward_hosts =
  smtpd_banner = $myhostname ESMTP $mail_name
  smtpd_client_connection_count_limit = 50
  smtpd_client_connection_limit_exceptions = $mynetworks
  smtpd_client_connection_rate_limit = 0
  smtpd_client_restrictions = permit_mynetworks reject_rbl_client zen.spamhaus.org reject_rbl_client bl.spamcop.net permit
  smtpd_data_restrictions =
  smtpd_delay_reject = yes
  smtpd_enforce_tls = no
  smtpd_error_sleep_time = 1s
  smtpd_etrn_restrictions =
  smtpd_expansion_filter = \t\40!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\]^_`abcdefghi jklmnopqrstuvwxyz{|}~
  smtpd_hard_error_limit = 20
  smtpd_helo_required = no
  smtpd_helo_restrictions =
  smtpd_history_flush_threshold = 100
  smtpd_junk_command_limit = 100
  smtpd_noop_commands =
  smtpd_null_access_lookup_key =
  smtpd_policy_service_max_idle = 300s
  smtpd_policy_service_max_ttl = 1000s
  smtpd_policy_service_timeout = 100s
  smtpd_proxy_ehlo = $myhostname
  smtpd_proxy_filter =
  smtpd_proxy_timeout = 100s
  smtpd_pw_server_security_options = gssapi,cram-md5,login,plain
  smtpd_recipient_limit = 1000
  smtpd_recipient_overshoot_limit = 1000
  smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination,permit
  smtpd_reject_unlisted_recipient = yes
  smtpd_reject_unlisted_sender = no
  smtpd_restriction_classes =
  smtpd_sasl_application_name = smtpd
  smtpd_sasl_auth_enable = yes
  smtpd_sasl_exceptions_networks =
  smtpd_sasl_local_domain =
  smtpd_sasl_security_options = noanonymous
  smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
  smtpd_sender_login_maps =
  smtpd_sender_restrictions =
  smtpd_soft_error_limit = 10
  smtpd_starttls_timeout = 300s
  smtpd_timeout = 300s
  smtpd_tls_CAfile =
  smtpd_tls_CApath =
  smtpd_tls_ask_ccert = no
  smtpd_tls_auth_only = no
  smtpd_tls_ccert_verifydepth = 5
  smtpd_tls_cert_file =
  smtpd_tls_cipherlist =
  smtpd_tls_dcert_file =
  smtpd_tls_dh1024_param_file =
  smtpd_tls_dh512_param_file =
  smtpd_tls_dkey_file = $smtpd_tls_dcert_file
  smtpd_tls_key_file =
  smtpd_tls_loglevel = 0
  smtpd_tls_received_header = no
  smtpd_tls_req_ccert = no
  smtpd_tls_session_cache_database =
  smtpd_tls_session_cache_timeout = 3600s
  smtpd_tls_wrappermode = no
  smtpd_use_pw_server = yes
  smtpd_use_tls = no
  soft_bounce = no
  stale_lock_time = 500s
  strict_7bit_headers = no
  strict_8bitmime = no
  strict_8bitmime_body = no
  strict_mime_encoding_domain = no
  strict_rfc821_envelopes = no
  sun_mailtool_compatibility = no
  swap_bangpath = yes
  syslog_facility = mail
  syslog_name = postfix
  tls_daemon_random_bytes = 32
  tls_daemon_random_source =
  tls_random_bytes = 32
  tls_random_exchange_name = ${config_directory}/prng_exch
  tls_random_prng_update_period = 60s
  tls_random_reseed_period = 3600s
  tls_random_source =
  trace_service_name = trace
  transport_maps =
  transport_retry_time = 60s
  trigger_timeout = 10s
  undisclosed_recipients_header = To: undisclosed-recipients:;
  unknown_address_reject_code = 450
  unknown_client_reject_code = 450
  unknown_hostname_reject_code = 450
  unknown_local_recipient_reject_code = 550
  unknown_relay_recipient_reject_code = 550
  unknown_virtual_alias_reject_code = 550
  unknown_virtual_mailbox_reject_code = 550
  unverified_recipient_reject_code = 450
  unverified_sender_reject_code = 450
  verp_delimiter_filter = -=+
  virtual_alias_domains = $virtual_alias_maps
  virtual_alias_expansion_limit = 1000
  virtual_alias_maps = $virtual_maps
  virtual_alias_recursion_limit = 1000
  virtual_destination_concurrency_limit = $default_destination_concurrency_limit
  virtual_destination_recipient_limit = $default_destination_recipient_limit
  virtual_gid_maps =
  virtual_mailbox_base =
  virtual_mailbox_domains = $virtual_mailbox_maps
  virtual_mailbox_limit = 51200000
  virtual_mailbox_lock = fcntl
  virtual_mailbox_maps =
  virtual_minimum_uid = 100
  virtual_transport = virtual
  virtual_uid_maps =
  TIA for an help!
  Andrew

  To get the queue going, issue:
  sudo postsuper -r ALL
  That said, I would think you initially introduced a typo in amavisd.conf. Next you probably restored amavisd and amavisd.conf files which were incompatible with each other and/or amavis incompatible with the updated perl modules of the latest security update.
  To fix things, I would re-apply the latest combo updater and security updates (assuming you are running stock versions and have not installed your own versions of amavisd, etc).
  If things still do not work, please post the output of:
  amavisd -V

• Is there a limit to number of conditions I can set in Mail's spam filter?

  There seems to be a limit to the amount of conditions I can set in Mail's spam filter. ie there's no scroll bar down the side - the list just goes as long as my computer monitor's length will allow, and that's it.
  Is that right - or is there a way to set more than about 28 conditions (in my case).

  Tim,
  yes, you can add more conditions (I don't know whether this is a limit or not) using AppleScript - the problem with the approach is that you will have somewhat of a hard time editing the rule in Mail after that as the buttons at the bottom of the window will no longer be accessible...
  Look at the following AppleScript as an example on how to add a new condition to a rule called "Junk Rule"
  Click to open this script in your Script Editor<pre style="font-family: 'Monaco', 'Courier New', Courier, monospace; overflow:auto; padding: 0.2em; font-size: 10px; width:500px">tell application "Mail"
  tell rule "Junk Rule"
  set theNewCondition to make new rule condition at end of rule conditions
  tell theNewCondition
  set rule type to subject header
  set expression to "viagra"
  set qualifier to does contain value
  end tell
  end tell
  end tell</pre>
  Andreas