[Mimedefang] Restrictions on the use of stream_by_recipient()

John Nemeth jnemeth at victoria.tc.ca
Mon Dec 13 07:25:46 EST 2004


On May 4,  2:41pm, "Robert J. Clark" wrote:
} 
} I want to start customizing the spam and virus filtering behaviour for
} each individual recipient and to do that I have to use
} stream_by_recipient(). However, after reading the docs and scanning
} the source code, I have a couple of questions and would appreciate any
} thoughts or ideas people have on the following:
} 
} - The docs say that stream_by_recipient() must be called at the very
}   beginning of filter_begin(). I have some checks that could
}   potentially cause the email to be rejected and I would like to to
}   that before stream_by_recipient() so that no bounce message is
}   created.
} 
}   Can I do these checks and bounce the message (call
}   action_tempfail() or action_discard() and return) before I call
}   stream_by_recipient()?

     Yes.

}   Is there anything I need to watch out for when I do this?

     You need a way to detect if you've seen the message already.
Luckily, MIMEDefang provides a way of doing this.  Here's my
filter_begin():

#***********************************************************************
# %PROCEDURE: filter_begin
# %ARGUMENTS:
#  None
# %RETURNS:
#  Nothing
# %DESCRIPTION:
#  Called just before e-mail parts are processed
#***********************************************************************
sub filter_begin () {
    if (!$WasResent) {
	# ALWAYS drop messages with suspicious chars in headers
	if ($SuspiciousCharsInHeaders) {
	    md_graphdefang_log('suspicious_chars');
	    return action_bounce("Suspicious chars found in header - rejected");
	}

	# Scan for viruses if any virus-scanners are installed
	my($code, $category, $action) = message_contains_virus();

	# Lower level of paranoia - only looks for actual viruses
	$FoundVirus = ($category eq "virus");

	# Higher level of paranoia - takes care of "suspicious" objects
	# $FoundVirus = ($action eq "quarantine");

	# If a message contains a virus then reject it immmediately...
	if ($FoundVirus) {
	    md_graphdefang_log('virus', $VirusName, $RelayAddr);
	    return action_bounce("Virus $VirusName found in mail - rejected");
	}

	if ($action eq "tempfail") {
	    action_tempfail("Problem running virus-scanner");
	    md_syslog('warning', "Problem running virus scanner: code=$code, category=$category, action=$action");
	}
    }

    if (stream_by_recipient()) {
        return;
    }

    delete_ip_validation_header();
}

} - Secondly, I would like to preserve the IP address of the connecting
}   host even through a call to stream_by_recipient(). I noticed that
}   there is support for doing the when going from a secondary MX to a
}   primary, but I did not think that headers could be modified before a  
}   call to stream_by_recipient(). Is this correct and is there any
}   other way to do what I want?

     Read the section called, PRESERVING RELAY INFORMATION, in the
mimedefang-filter manpage.

}-- End of excerpt from "Robert J. Clark"



More information about the MIMEDefang mailing list