[Mimedefang] Blocking messages spoofed with my own e-mailladdress
Lucas Albers
admin at cs.montana.edu
Tue Nov 18 12:47:10 EST 2003
> I'd have to study if this works completely for Jon but it should work for
> Jeff. It's a combination of two filters that effectively work together.
> We have some departments farm out customer surveys and some trusted
> venders that do not get checked (thus the filter_relay).
I also configured an option similar to this, but I still check all
incoming, outgoing mail for virus's.
#don't scan locally relayed or authenticated mail with SA.
sub is_local_sender {
if ($RelayAddr =~ /127\.0\.0\.1/
|| $RelayAddr =~ /xxx\.xx\.199\.47/
|| $RelayAddr =~ /xxx\.xx\.196\./
|| $RelayAddr =~ /xxx\.xx\.197\./
|| $RelayAddr =~ /xxx\.xx\.198\./
|| $RelayAddr =~ /xxx\.xx\.199\./
|| exists($SendmailMacros{'auth_authen'})) {
#md_syslog('err',"skipping $RelayAddr because local");
return 1;
} else {
#md_syslog('err',"not skipping $RelayAddr because not
local");
return 0;
}
}
Then I check this for spam filtering, after I check for virus's.
---------
if ($action eq "tempfail") {
action_tempfail("Problem running virus-scanner");
md_syslog('warning', "Problem running virus scanner: code=$code,
category=$category, action=$action");
}
if ($Features{"SpamAssassin"} && !($category eq "virus") &&
!($category eq "quarantine") && !(is_local_sender())) {
if (-s "./INPUTMSG" < 400*1024) {
# Only scan messages smaller than 400kB. Larger messages
# are extremely unlikely to be spam, and SpamAssassin is
# dreadfully slow on very large messages.
my($hits, $req, $names, $report) = spam_assassin_check();
---------
In related news has anyonce configured it to notify the administrator if a
virus is received from a a local source?
I have not gotten around to configuring this, but would like to be
notified when one of my users sends a virus.
--Luke
More information about the MIMEDefang
mailing list