[Mimedefang] Disabling outbound mail filtering?

Tue Oct 7 11:35:01 EDT 2003

On 2003/10/07, at 5:30午前, brian wrote:

> Hi all,
>
>   Just curious if anyone has yet devised an optimal way to disable 
> outbound mail filtering with mimedefang and sendmail milters.  As far 
> as I can tell there's no way to tell sendmail not to milter outgoing 
> mail.  I've looked for quite a while for a way.
>
> So, basically the options I have that I know about are:
>
> 1) set up 2nd mail server that does not have mimedefang installed.
> 2) Tell mimedefang to "OK" messages originating from the local network 
> as soon as possible in the mimedefang-filter file.
>
> And that's basically it... without digging into sendmail or mimedefang 
> source code.
>
> I'm not sure option 2 is enough... we have a job scheduled that sends 
> out a LARGE amount of outgoing mail in a short period of time 
> (notifications for our site basically), and this crippled the mail 
> server last night.  10 or so perl mimedefang processes were spawned, 
> each at 20+ megs a piece, quickly caused the system to start thrashing 
> as they were mostly loaded into virtual memory.
>
> Anyone have any pointers?
>

Brian,

We do something similar at our office, although i'm not quite sure of 
the quantity or size of our mail newsletter, when scanning each mail 
with SA on the outbound, it was causing the mailing app to choke.

Originally I implemented the following, but then made modifications to 
my filter to still do bad extension and virus checking on outbound mail 
as well.  it seems to still work fine for our purposes.

if you want to skip *ALL* processing for outbound mail you could do 
something like this:
(i got this code from previous posts to this list)

you'll need to make sure that you use the -r option for mimedefang's 
startup for it to call filter_relay()

use Socket;

sub filter_relay ($$$) {

         my ($hostip,$hostname,$helo) = @_;

         my $addr = '';
         my $network_string = '';
         my $mask_string = '';

         my %exempt_subnets  = (
                 '127.0.0.0',    '255.0.0.0',            # loopback
                 '192.168.0.0',  '255.255.255.0',        # localnet
         );

         $addr = inet_aton $hostip;

         while ( ($network_string, $mask_string) = each %exempt_subnets) 
{
                 my $network = inet_aton $network_string;
                 my $mask = inet_aton $mask_string;

                 if ( ($addr & $mask) eq $network) {
                         return ('ACCEPT_AND_NO_MORE_FILTERING','ok');
                 }
         }

         return ('CONTINUE','ok');
}

hope this helps.

alan