[Mimedefang] tagging mail sent to aliases

James Ebright jebright at esisnet.com
Fri Jan 7 10:54:37 EST 2005 

I would think checking the /etc/aliases yourself would be less memory 
intensive than another sendmail child. You can probably do this very early on 
as well if need be like in filter_recipient (remember to pass the multiplexer 
the -t flag to enable this filter in mimedefang-filter)

Something like: (this is off top of head... so may need work :-) also watch 
for line wraps, this would just log the potential aliases if any)

sub filter_recipient {
  my 
($recipient,$sender,$ip,$hostname,$first,$helo,$rcpt_mailer,$rcpt_host,$rcpt_a
ddr) = @_;
  my %ALIAS
  # Perl has a built-in DBM open database command
  if(dbmopen(%ALIAS, "/etc/aliases.db", undef)) {
    my $username;
    my $domain;
    ($username, $domain) = split(/\@/,$recipient);
    foreach $Key (keys(%ALIAS)) {
      chomp ($Key);
      if ( $Key =~ /^$username$/ ) {
        md_syslog('info', "$QueueID: ruleset=filter_recipient, 
relay=$hostname, recipient=$recipient, alias=$ALIAS{$Key}");
      } 
    }
    dbmclose(%ALIAS);
  } else { # Just in case there is an error opening the alias file
     md_syslog('info', "$QueueID: ruleset=filter_recipient, relay=$hostname 
[$ip] (may be forged), recipient=$recipient, NO ALIAS FILE FOUND");
  }
  return ('CONTINUE', "ok");
}

Jim

On Thu, 6 Jan 2005 09:04:18 -0800, Gary Funck wrote
> 1. we delay checks
> 
> 2. I've seen code that adds custom headers for SA to score them,
>    by rewriting INPUTMSG in its entirety.  I don't recall if it
>    also updated HEADERS, or if it wrote HEADERS first and then
>    made a call to recreate INPUTMSG. Maybe not the most efficient
>    thing to do, but given the other processing that goes on in
>    spam detectin, probably not a big additional impact either.
> 
> 3. On our system, I believe that /etc/aliases might be a hash
>    database, and therefore it seems that it might be pretty
>    easy to lookup recipients in the alias hash directly?
>    Though clearly invoking sendmail to do this is safer,
>    and the result could be cached internally and the cache
>    flushed if /etc/aliases time stamp is updated.

--
EsisNet.com Webmail Client

More information about the MIMEDefang mailing list