[Mimedefang] Reject vs Drop and MX

Richard A Nelson cowboy at cavein.org
Sat Sep 25 14:00:30 EDT 2004 

On Fri, 24 Sep 2004, David F. Skoll wrote:

> On Fri, 24 Sep 2004, Troy Carpenter wrote:
>
> > 1. Turn on filter_relay and filter_recipient checking.
> > 2. In filter_relay() I do the following:
> >    * Check to see if the connecting relay is local. If so, accept with no
> >      further processing.
> >    * Check to see if the connecting relay is one of my known relays...
> >      that is, is it my backup MX, or my ISP's relay (I don't want to
> >      blindly accept SPAMs originating from others on my ISP).  If this
> >      condition is met, then I set a RELAY flag for later use.
>
> Don't do that.  Your filter will suffer random and unpredictable failures.
> See the section  "GLOBAL VARIABLE LIFETIME" in the mimedefang-filter man
> page.

Hrm, I though about this and came up an approach that seemed to avoid
the state issues - but isn't quite robust; and I'm stumped !

The idea is that I set a global (and constant) variable at the top
of the filter, and at return time, decide if the mail should be
rejected(direct) or discarded(via mx or mailing list)

#***********************************************************************
# Define MX and other machines that may relay to us - bad mail from
# these boxen will be silently dropped instead of rejected
#***********************************************************************
%MXHosts = (
     '146.82.138.6'
    ,'146.82.138.7'
    ,'146.82.138.27'
    ,'192.25.206.10'
    ,'205.210.42.52'
    ,'205.210.42.53'
    ,'66.35.250.206'
    ,'66.35.250.209'
    ,'206.191.13.82'
    );
sub Drop_If_MX {
    # Return parameters
    my ($code, $msg, $smtp_code, $smtp_dsn, $delay) = @_;
    if ( exists($MXHosts{$RelayAddr}) ) {
        $code = 'DISCARD';
        $delay = 0;
    return ($code, $msg, $smtp_code, $smtp_dsn, $delay);
    };
sub Action_If_MX {
    # Return parameters
    my ($msg, $smtp_code, $smtp_dsn) = @_;
    if ( exists($MXHosts{$RelayAddr}) ) {
        return (action_discard());
        }
    else {
        md_syslog('warning',
            "Action_If_MX: $RelayAddr, $msg, $smtp_code, $smtp_dsn");
        return (action_bounce($msg, $smtp_code, $smtp_dsn));
        };
    };
...
	return(Drop_If_MX('REJECT', 'Invalid MX', '', '', 20));
...
if ($hits >= 10) {
            return Action_If_MX("Spam level: $hits", "554", "5.7.1 Spam level $h
            };

This works once in a great while - most of the time it fails:
i8P917CW029051: helo:gluck.debian.org
i8P917CW029051: from=<b51ee at yahoo.co.kr>, size=1906, class=0, nrcpts=1, ...
MDLOG,i8P917CW029051,spam,35.637,192.25.206.10,<b51ee at yahoo.co.kr>,<c....
Action_If_MX: 192.25.206.10, Spam level: 35.637, 554, 5.7.1 Spam leve...
filter: i8P917CW029051:  bounce=1
i8P917CW029051: Bouncing because filter instructed us to
i8P917CW029051: Milter: data, reject=554 5.7.1 Spam level: 35.637

Here's the working case:
i8P4u05E032646: helo:murphy.debian.org
i8P4u05E032646: from=<bounce-debian-policy=cowboy=cavein.org at lists.debian.or...
MDLOG,i8P4u05E032646,spam,18.099,146.82.138.6,<bounce-debian-policy...
filter: i8P4u05E032646:  discard=1
i8P4u05E032646: Discarding because filter instructed us to
i8P4u05E032646: Milter change: header X-Spam-Checker-Version: from...
i8P4u05E032646: Milter: data, discard
i8P4u05E032646: discarded

Both relay hosts are in the hash...  so - what (likely simple thing) am
I missing ?
-- 
Rick Nelson
Life'll kill ya                         -- Warren Zevon
Then you'll be dead                     -- Life'll kill ya

More information about the MIMEDefang mailing list