[Mimedefang] filter_relay
David Hiebert
david at keyway.net
Sun Oct 31 18:27:13 EST 2004
On Sat, 30 Oct 2004, David F. Skoll wrote:
> Date: Sat, 30 Oct 2004 18:59:28 -0400 (EDT)
> From: David F. Skoll <dfs at roaringpenguin.com>
> Reply-To: mimedefang at lists.roaringpenguin.com
> To: mimedefang at lists.roaringpenguin.com
> Subject: Re: [Mimedefang] filter_relay
>
> On Sat, 30 Oct 2004, David Hiebert wrote:
>
> > I've been testing with a host with invalid reverse and another with valid
> > reverse the entire time. When return('REJECT') with any $msg is called,
> > the SMTP connection (telnetting into port 25 and issuing commands
> > manually) returns "550 5.0.0 Command Rejected" only after issuing the MAIL
> > FROM: command, rather than upon the connection itself. I must be missing
> > something.
>
> Is there an evil Cisco SMTP proxy or something similar between you and
> the MIMEDefang machine?
>
> Regards,
>
> David.
> _______________________________________________
> Visit http://www.mimedefang.org and http://www.canit.ca
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
Nope, there is nothing special about the network setup. I'm testing
using 3 systems (the mail server, a system with reverse DNS, and a system
without.) They are for all intents and purposes on the same switch, same
subnet, no bridge, firewall, router or any other such network device
between.
I've included my mimedefang-filter. I believe at this point that I've
removed an essential line, or filter from the config. I've included the
config as it has been modified.
As we will be using MIMEDefang in a production environment, we would like
to run it in it's most bare (i.e. no filters) form, and add one filter at
a time as we see fit.
David Hiebert
Keyway Internet Services
909-933-3699
-------------- next part --------------
#!/usr/bin/perl
# -*- Perl -*-
#***********************************************************************
#
# mimedefang-filter
#
# Suggested minimum-protection filter for Microsoft Windows clients, plus
# SpamAssassin checks if SpamAssassin is installed.
#
# Copyright (C) 2002 Roaring Penguin Software Inc.
#
# This program may be distributed under the terms of the GNU General
# Public License, Version 2, or (at your option) any later version.
#
# $Id: suggested-minimum-filter-for-windows-clients,v 1.81 2004/10/26 18:34:33 dfs Exp $
#***********************************************************************
#***********************************************************************
# Set administrator's e-mail address here. The administrator receives
# quarantine messages and is listed as the contact for site-wide
# MIMEDefang policy. A good example would be 'defang-admin at mydomain.com'
#***********************************************************************
$AdminAddress = 'postmaster at keyway.net';
$AdminName = "Keyway Postmaster";
#***********************************************************************
# Set the e-mail address from which MIMEDefang quarantine warnings and
# user notifications appear to come. A good example would be
# 'mimedefang at mydomain.com'. Make sure to have an alias for this
# address if you want replies to it to work.
#***********************************************************************
$DaemonAddress = 'mimedefang at keyway.net';
#***********************************************************************
# If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard
# to add warnings directly in the message body (text or html) rather
# than adding a separate "WARNING.TXT" MIME part. If the message
# has no text or html part, then a separate MIME part is still used.
#***********************************************************************
$AddWarningsInline = 0;
#***********************************************************************
# To enable syslogging of virus and spam activity, add the following
# to the filter:
# md_graphdefang_log_enable();
# You may optionally provide a syslogging facility by passing an
# argument such as: md_graphdefang_log_enable('local4'); If you do this, be
# sure to setup the new syslog facility (probably in /etc/syslog.conf).
# An optional second argument causes a line of output to be produced
# for each recipient (if it is 1), or only a single summary line
# for all recipients (if it is 0.) The default is 1.
# Comment this line out to disable logging.
#***********************************************************************
md_graphdefang_log_enable('local8', 1);
#***********************************************************************
# Uncomment this to block messages with more than 50 parts. This will
# *NOT* work unless you're using Roaring Penguin's patched version
# of MIME tools, version MIME-tools-5.411a-RP-Patched-02 or later.
#
# WARNING: DO NOT SET THIS VARIABLE unless you're using at least
# MIME-tools-5.411a-RP-Patched-02; otherwise, your filter will fail.
#***********************************************************************
# $MaxMIMEParts = 50;
#***********************************************************************
# Set various stupid things your mail client does below.
#***********************************************************************
# Set the next one if your mail client cannot handle multiple "inline"
# parts.
$Stupidity{"NoMultipleInlines"} = 0;
#use Net::DNS;
sub filter_relay () {
my ($hostip, $hostname, $helo) = @_;
# my $res = Net::DNS::Resolver->new;
# my $query = $res->search($hostip);
if ($hostname eq "[$hostip]") {
return ('REJECT',"Please fix your reverse DNS before sending us mail.","550","5.7.1","2");
}
# if ($query) {
# $query->answer;
# }
#
# $response=$res->errorstring;
#
# if ($response eq 'NXDOMAIN') {
# return ('REJECT', "Please fix your reverse DNS before sending us mail.", 550, 5.7.1, 1);
# }
return ('CONTINUE', "ok");
}
#sub filter_begin () {
#
#}
#sub filter_end () {
#
#}
# DO NOT delete the next line, or Perl will complain.
1;
More information about the MIMEDefang
mailing list