[Mimedefang] Bypassing outgoing mail - filter_relay blocking all incomming mail
Rick Knight
rick at rlknight.com
Tue Feb 25 14:23:01 EST 2003
David F. Skoll wrote:
>>Isn't that what I have here? It's at the bottom of mimedefang-filter and
>>except the comments, it looks like yours above.
>>
>>
>
>No. Trace the execution carefully. :-)
>
>
>
David,
GOing thru the MD archives I found this...
On Mon, 23 Dec 2002, Ashley M. Kirchner wrote:
>/ action_add_header() doesn't get run, but
/>/ action_quarantine_entire_message() does since I have all those messages
/>/ now sitting in my MIMEdefang spool. My filter end looks like this:
/
You have to rework the filter_end logic so that send_quarantine_notifications()
is called *after* all possible calls to action_quarantine(). In your
example, it's possible for something to be quarantined after the call.
The simplest fix is as follows:
sub filter_end_aux ($) {
my($entity) = @_;
# Insert here the entire contents of your existing filter_end,
# without any calls to send_quarantine_notifications()
}
# Now this is the real filter_end
sub filter_end ($) {
my($entity) = @_;
# Do the real work
filter_end_aux($entity);
# And send notifications
send_quarantine_notifications();
}
--
David.
Following these instructions I've reworked my filter_end but I still
don't get quarantine notification. I am now getting multiplexer errors
in /var/log/maillog that I think may be related to quarantine messages.
The errors only appear with messages that suold be quarantined and
bounced (messages are going to quarantine and are bouncing correctly).
Also, I want Mimedefang to add headers to the quarantined messages but
that isn't working either. My filter_end and /var/log/maillog are below.
# At this point stop filtering local mail
sub filter_relay ($$$) {
my ($ip, $name, $helo) = @_;
return('ACCEPT_AND_NO_MORE_FILTERING', "ok") if $ip eq "x.x.x.x";
return('CONTINUE', 'OK');
}
# If SpamAssassin found SPAM, append report. We do it as a separate
# attachment of type text/plain
sub filter_end_aux ($) {
my($entity) = @_;
# If you want quarantine reports, uncomment next line
#send_quarantine_notifications();
# IMPORTANT NOTE: YOU MUST CALL send_quarantine_notifications() AFTER
# ANY PARTS HAVE BEEN QUARANTINED. SO IF YOU MODIFY THIS FILTER TO
# QUARANTINE SPAM, REWORK THE LOGIC TO CALL
send_quarantine_notifications()
# AT THE END!!!
# No sense doing any extra work
return if message_rejected();
# Spam checks if SpamAssassin is installed
if ($Features{"SpamAssassin"}) {
if (-s "./INPUTMSG" < 200*1024) {
# Only scan messages smaller than 200kB. Larger messages
# are extremely unlikely to be spam, and SpamAssassin is
# dreadfully slow on very large messages.
my($hits, $req, $names, $report) = spam_assassin_check();
# If we're sure it's Spam, quarantine and bounce
if ($hits > 10) {
md_log('spam -bounced-', $hits, $RelayAddr);
my($score);
action_add_header("X-Spam-Score", "Hits=$hits required=$req");
action_add_header("X-Spam-Status", "Message quarantined");
action_quarantine_entire_message();
action_bounce("Message seems to be Spam, rejected");
}
# If it's not SPAM, add header and say so
if ($hits < $req) {
md_log('not spam', $hits);
my($score);
action_add_header("X-Spam-Score", "Hits=$hits required=$req");
action_add_header("X-Spam-Status", "No");
}
# If it looks like Spam but doesn't qualify above,
# score it and add report and headers
if ($hits >= $req) {
md_log('spam', $hits, $RelayAddr);
my($score);
if ($hits < 40) {
$score = "*" x int($hits);
} else {
$score = "*" x 40;
}
# We add a header which looks like this:
# X-Spam-Score: 6.8 (******) NAME_OF_TEST,NAME_OF_TEST
# The number of asterisks in parens is the integer part
# of the spam score clamped to a maximum of 40.
# MUA filters can easily be written to trigger on a
# minimum number of asterisks...
#action_change_header("X-Spam-Score", "$hits ($score) $names");
action_add_header("X-Spam-Warning", "SpamAssassin says this
message is SPAM");
action_add_header("X-Spam-Status", "Yes, hits=$hits required=$req");
action_add_header("X-Spam-Report","$report");
# If you find the SA report useful, add it, I guess...
action_add_part($entity, "text/plain", "-suggest",
"$report\n",
"SpamAssassinReport.txt", "inline");
}
} else {
# Delete any existing X-Spam-Score header?
#action_delete_header("X-Spam-Score");
}
}
}
## Now this is the real filter_end
sub filter_end ($) {
my($entity) = @_;
# Do the real work
filter_end_aux($entity);
# And send nottifications
send_quarantine_notifications();
}
# DO NOT delete the next line, or Perl will complain.
1;
Relevent maillog entries
Feb 25 10:12:18 myserver sendmail[10312]: h1PICH8l010312:
from=<knightrw at pacbell.net>, size=2956, class=0, nrcpts=1,
msgid=<3E5BB46E.7090902 at pacbell.net>, proto=ESMTP, daemon=MTA,
relay=150.urscorp.com [12.109.186.150]
Feb 25 10:12:24 myserver mimedefang-multiplexor: Slave 0 stderr:
/usr/bin/sendmail
Feb 25 10:12:24 myserver mimedefang-multiplexor: Slave 0 stderr: :
illegal option --
Feb 25 10:12:24 myserver mimedefang-multiplexor: Slave 0 stderr: A
Feb 25 10:12:24 myserver mimedefang-multiplexor: Slave 0 stderr:
Feb 25 10:12:24 myserver mimedefang.pl[10262]: filter: h1PICH8l010312:
bounce=1 quarantine_entire_message=1
Feb 25 10:12:24 myserver mimedefang[10313]: h1PICH8l010312: Bouncing
because filter instructed us to
Feb 25 10:12:24 myserver sendmail[10312]: h1PICH8l010312: Milter add:
header: X-Spam-Score: Hits=17.5 required=5
Feb 25 10:12:24 myserver sendmail[10312]: h1PICH8l010312: Milter add:
header: X-Spam-Status: Message quarantined
Feb 25 10:12:24 myserver sendmail[10312]: h1PICH8l010312: Milter: data,
reject=554 5.7.1 Message seems to be Spam, rejected
Feb 25 10:12:24 myserver sendmail[10312]: h1PICH8l010312:
to=<rick at rlknight.com>, delay=00:00:06, pri=30380, stat=Message seems to
be Spam, rejected
Thanks again,
Rick Knight
(rick at rlknight.com)
------------------------------------------------------------------------
More information about the MIMEDefang
mailing list