[Mimedefang] Reject vs Drop and MX
Richard A Nelson
cowboy at cavein.org
Sat Sep 25 14:00:30 EDT 2004
On Fri, 24 Sep 2004, David F. Skoll wrote:
> On Fri, 24 Sep 2004, Troy Carpenter wrote:
>
> > 1. Turn on filter_relay and filter_recipient checking.
> > 2. In filter_relay() I do the following:
> > * Check to see if the connecting relay is local. If so, accept with no
> > further processing.
> > * Check to see if the connecting relay is one of my known relays...
> > that is, is it my backup MX, or my ISP's relay (I don't want to
> > blindly accept SPAMs originating from others on my ISP). If this
> > condition is met, then I set a RELAY flag for later use.
>
> Don't do that. Your filter will suffer random and unpredictable failures.
> See the section "GLOBAL VARIABLE LIFETIME" in the mimedefang-filter man
> page.
Hrm, I though about this and came up an approach that seemed to avoid
the state issues - but isn't quite robust; and I'm stumped !
The idea is that I set a global (and constant) variable at the top
of the filter, and at return time, decide if the mail should be
rejected(direct) or discarded(via mx or mailing list)
#***********************************************************************
# Define MX and other machines that may relay to us - bad mail from
# these boxen will be silently dropped instead of rejected
#***********************************************************************
%MXHosts = (
'146.82.138.6'
,'146.82.138.7'
,'146.82.138.27'
,'192.25.206.10'
,'205.210.42.52'
,'205.210.42.53'
,'66.35.250.206'
,'66.35.250.209'
,'206.191.13.82'
);
sub Drop_If_MX {
# Return parameters
my ($code, $msg, $smtp_code, $smtp_dsn, $delay) = @_;
if ( exists($MXHosts{$RelayAddr}) ) {
$code = 'DISCARD';
$delay = 0;
return ($code, $msg, $smtp_code, $smtp_dsn, $delay);
};
sub Action_If_MX {
# Return parameters
my ($msg, $smtp_code, $smtp_dsn) = @_;
if ( exists($MXHosts{$RelayAddr}) ) {
return (action_discard());
}
else {
md_syslog('warning',
"Action_If_MX: $RelayAddr, $msg, $smtp_code, $smtp_dsn");
return (action_bounce($msg, $smtp_code, $smtp_dsn));
};
};
...
return(Drop_If_MX('REJECT', 'Invalid MX', '', '', 20));
...
if ($hits >= 10) {
return Action_If_MX("Spam level: $hits", "554", "5.7.1 Spam level $h
};
This works once in a great while - most of the time it fails:
i8P917CW029051: helo:gluck.debian.org
i8P917CW029051: from=<b51ee at yahoo.co.kr>, size=1906, class=0, nrcpts=1, ...
MDLOG,i8P917CW029051,spam,35.637,192.25.206.10,<b51ee at yahoo.co.kr>,<c....
Action_If_MX: 192.25.206.10, Spam level: 35.637, 554, 5.7.1 Spam leve...
filter: i8P917CW029051: bounce=1
i8P917CW029051: Bouncing because filter instructed us to
i8P917CW029051: Milter: data, reject=554 5.7.1 Spam level: 35.637
Here's the working case:
i8P4u05E032646: helo:murphy.debian.org
i8P4u05E032646: from=<bounce-debian-policy=cowboy=cavein.org at lists.debian.or...
MDLOG,i8P4u05E032646,spam,18.099,146.82.138.6,<bounce-debian-policy...
filter: i8P4u05E032646: discard=1
i8P4u05E032646: Discarding because filter instructed us to
i8P4u05E032646: Milter change: header X-Spam-Checker-Version: from...
i8P4u05E032646: Milter: data, discard
i8P4u05E032646: discarded
Both relay hosts are in the hash... so - what (likely simple thing) am
I missing ?
--
Rick Nelson
Life'll kill ya -- Warren Zevon
Then you'll be dead -- Life'll kill ya
More information about the MIMEDefang
mailing list