[Mimedefang] Spamassassin + Mimedefang + ClamAV

Wed Jun 23 09:35:50 EDT 2004

Hi,

> If I run mimedefang on the spamserver and on the anti-virus-server I have to define two sendmail-milter-sockets, what is no problem, but What is with the X-mimedefang headers ? ... they will be removed and replaced with the second x-mimedefang headers. And I have to run 2 separate configurations.
>

We have solved this the follwoing way in mimedefang-filter. You can even copy
the secret to a second server and avoid dublicated scanning !

use vars qw( $md5_secret $skip_checks);
$skip_checks = 0;

#
# Generate a secret for our checksums. Save it into our spooldir.
#
if (! -e "/$Features{'Path:SPOOLDIR'}/mimedefang-key") {
        my @secretchars = ( "A" .. "Z", "a" .. "z", 0 .. 9 );
        $md5_secret = join("", @secretchars[ map { rand @secretchars } ( 1 .. 16 ) ]);
        if (open(MD5KEY, ">$Features{'Path:SPOOLDIR'}/mimedefang-key")) {
                print MD5KEY $md5_secret;
                close (MD5KEY);
        }
} else {
        if (open(MD5KEY, "<$Features{'Path:SPOOLDIR'}/mimedefang-key")) {
                while(<MD5KEY>) {
                        $md5_secret = $_;
                }
                close (MD5KEY);
        }
}

In filter_begin {
	#
        # Get our checksum and return immediatly if we
        # already scanned this mail. That prevents the case where
        # a resent mail looses its RBL tests and is
        # suddenly not found to be spam anymore.
        #
        $skip_checks = 0;
        my $my_messageid = "";
        if (open(INMD5, "<./HEADERS")) {
                my $old_checksum = 0;
                my $needed_params = 2;
                my $have_params = 0;
                while(<INMD5>) {
                        if ($have_params == $needed_params) {
                                last;
                        }
                        chop;
                        if ($_ =~ /^X-Spam-Checksum:[\t ]+([a-z0-9]*)/) {
                                $old_checksum = $1;
                                $have_params++;
                        } elsif ($_ =~ /^Message-Id:[\t ]+(.*)/i) {
                                $my_messageid = $1;
                                $have_params++;
                        }
                }

                close(INMD5);
                if ($my_messageid eq "") {
                        $my_messageid = gen_msgid_header();
                        $my_messageid =~ s/Message-ID:[\t ]{0,}//g;     # Remove Header Prefix
                        $my_messageid =~ s/\n+\z//g;                    # fixes for multiline header
                        $my_messageid =~ s/\n[\t ]{0,}\n/\n/g;          # removes empty lines
                        $my_messageid =~ s/\n/\n\t/g;                   # to stop sendmail complaining
                        action_add_header("Message-ID",$my_messageid);
                }
                my $new_checksum = md5_hex("$my_messageid $md5_secret");
                if ($new_checksum eq $old_checksum) {
                        $skip_checks = 1;
                }
        }
}

In all following checks we can do this:

        #
        # We already processed this mail.
        #
        if ($skip_checks) {
                return action_accept();
        }

Martin