[Mimedefang] Restrictions on the use of stream_by_recipient()
John Nemeth
jnemeth at victoria.tc.ca
Mon Dec 13 07:25:46 EST 2004
On May 4, 2:41pm, "Robert J. Clark" wrote:
}
} I want to start customizing the spam and virus filtering behaviour for
} each individual recipient and to do that I have to use
} stream_by_recipient(). However, after reading the docs and scanning
} the source code, I have a couple of questions and would appreciate any
} thoughts or ideas people have on the following:
}
} - The docs say that stream_by_recipient() must be called at the very
} beginning of filter_begin(). I have some checks that could
} potentially cause the email to be rejected and I would like to to
} that before stream_by_recipient() so that no bounce message is
} created.
}
} Can I do these checks and bounce the message (call
} action_tempfail() or action_discard() and return) before I call
} stream_by_recipient()?
Yes.
} Is there anything I need to watch out for when I do this?
You need a way to detect if you've seen the message already.
Luckily, MIMEDefang provides a way of doing this. Here's my
filter_begin():
#***********************************************************************
# %PROCEDURE: filter_begin
# %ARGUMENTS:
# None
# %RETURNS:
# Nothing
# %DESCRIPTION:
# Called just before e-mail parts are processed
#***********************************************************************
sub filter_begin () {
if (!$WasResent) {
# ALWAYS drop messages with suspicious chars in headers
if ($SuspiciousCharsInHeaders) {
md_graphdefang_log('suspicious_chars');
return action_bounce("Suspicious chars found in header - rejected");
}
# Scan for viruses if any virus-scanners are installed
my($code, $category, $action) = message_contains_virus();
# Lower level of paranoia - only looks for actual viruses
$FoundVirus = ($category eq "virus");
# Higher level of paranoia - takes care of "suspicious" objects
# $FoundVirus = ($action eq "quarantine");
# If a message contains a virus then reject it immmediately...
if ($FoundVirus) {
md_graphdefang_log('virus', $VirusName, $RelayAddr);
return action_bounce("Virus $VirusName found in mail - rejected");
}
if ($action eq "tempfail") {
action_tempfail("Problem running virus-scanner");
md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");
}
}
if (stream_by_recipient()) {
return;
}
delete_ip_validation_header();
}
} - Secondly, I would like to preserve the IP address of the connecting
} host even through a call to stream_by_recipient(). I noticed that
} there is support for doing the when going from a secondary MX to a
} primary, but I did not think that headers could be modified before a
} call to stream_by_recipient(). Is this correct and is there any
} other way to do what I want?
Read the section called, PRESERVING RELAY INFORMATION, in the
mimedefang-filter manpage.
}-- End of excerpt from "Robert J. Clark"
More information about the MIMEDefang
mailing list