[Mimedefang] Previous relay information
Whit Blauvelt
whit at transpect.com
Fri Dec 15 13:44:01 EST 2006
On Wed, Dec 13, 2006 at 06:43:37PM +0900, Mark van Proctor wrote:
> Has anyone implemented some form of parsing of the received headers to
> determine who the previous relay was? When is the earliest time that these
> headers are available? filter_begin? Are these easily accessible through
> mimedefang's variables or will we need to build some kind of script that
> will parse the actual mail files?
Here's a way to get ahold of the Received headers. I haven't figured out the
earliest place it can go in the script. It certainly works if put just above
the call to SpamAssassin.
$HDRS = $CWD . "/HEADERS";
open (HDRS) or md_syslog('warning', 'Cannot open the ' . $CWD . ' HEADERS file!');
@header = <HDRS>;
close(HDRS);
$headcount = @header;
$n = 0;
$r = 0;
while ($n < $headcount) {
if ($header[$n] =~ /Received:/) {
$received[$r] = $header[$n];
$r++;
}
$n++;
}
Then here's how I'm getting rid of spam with a faked first Received "by
transpect.com" - since transpect.com isn't even the MX for transpect.com.
$reccount = @received;
$reccount--;
if ($received[$reccount] =~ /by transpect\.com/) {
md_syslog('warning','$MsgID: bytrans: ' . $received[$reccount]);
action_discard();
}
The previous relay you were after would be in $received[1] with this script.
Whit
More information about the MIMEDefang
mailing list