Follow-up Test Code - Re: [Mimedefang] Potential for Business mail servers to not have reverse DNS

Jonas Eckerman jonas_lists at frukt.org
Sun Oct 8 11:42:29 EDT 2006


John Rudd wrote:

> 1) could an SA plugin, instead of external routines that need to modify 
> the message itself, be used?  (when MD calls SA, is the most 

1a: My routines do not modify the message itself. When mimedefang.pl calls SpamAssassin it already adds a few headers and creates an in-memory message for SpamAssassin. I simply have mimedefang.pl add a few extra headers when creating that in-memory message.

2a: Yes, this could probably be done in a SpamAssassin plugin. Actually, it makes more sense to do it that way. The reasons I did it with headers and mimedefang-filter are these:

* I was already adding a header with operating system info (from p0f fingerprinting). I had already modified mimedefang.pl to make it very simple to add headers to the message sent to SpamAssassin.

* I did not have the time to learn how SpamAssassin's plugin system works.

I actually have three pieces in my mimedefang-filter that would fit better as SA plugins:

1: The hostname check we're currently discussing.

2: The insertion of OS info from p0f in a header.

3: SMTP sender address validation. I'm not sure if this check could actually be done right in the current version of SA.
I only do a sender validation check if a) the score a failed validation gives is enough to push a message over the edge and b) the message hasn't already been pushed over the edge. I also cache the results in a SQLite table. In practice this means that the filter very seldom really does do an SMTP validation.
I think the SA 3.2.* might have the necessary support for only running a plugin if it can make a difference though.

Maybe some day I'll actually move this stuff into plugins...

> (when MD calls SA, is the most 
> recent/current Received header already there?)

mimedefang.pl creates a Received header for the message that it sends to SA.

/Jonas

-- 
Jonas Eckerman, FSDB & Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
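
The gating described in the post (validate the sender only when a failure could tip the score and the message is not already over the threshold, with results cached in SQLite), as an added example that is not Jonas's filter code. It is written in Python rather than mimedefang-filter's Perl, and the threshold, penalty score, cache lifetime, table layout and the `probe` callable standing in for the SMTP check are all assumptions.

```python
import sqlite3
import time

SPAM_THRESHOLD = 5.0           # assumed: score at which a message counts as spam
FAILED_VALIDATION_SCORE = 2.0  # assumed: score added when validation fails
CACHE_TTL = 24 * 3600          # assumed: seconds a cached result stays fresh

def open_cache(path=":memory:"):
    db = sqlite3.connect(path)
    db.execute("CREATE TABLE IF NOT EXISTS sender_check ("
               "sender TEXT PRIMARY KEY, valid INTEGER NOT NULL, "
               "checked_at REAL NOT NULL)")
    return db

def should_validate(score):
    """True only when a failed validation would change the verdict."""
    already_over = score >= SPAM_THRESHOLD
    could_tip = score + FAILED_VALIDATION_SCORE >= SPAM_THRESHOLD
    return could_tip and not already_over

def sender_is_valid(db, sender, probe, now=None):
    """Use a fresh cached result if there is one, else probe and store."""
    now = time.time() if now is None else now
    key = sender.strip()
    row = db.execute("SELECT valid, checked_at FROM sender_check "
                     "WHERE sender = ?", (key,)).fetchone()
    if row and now - row[1] < CACHE_TTL:
        return bool(row[0])
    valid = bool(probe(key))  # the expensive step: an SMTP callout in practice
    db.execute("INSERT OR REPLACE INTO sender_check VALUES (?, ?, ?)",
               (key, int(valid), now))
    db.commit()
    return valid

def final_score(db, sender, score, probe, now=None):
    if should_validate(score) and not sender_is_valid(db, sender, probe, now):
        return score + FAILED_VALIDATION_SCORE
    return score

def demo():
    """Constructed messages: (envelope sender, score before validation)."""
    msgs = [("a@example.org", 1.0), ("b@example.net", 3.5),
            ("b@example.net", 4.0), ("c@example.com", 7.2)]
    probed = []
    def probe(addr):          # stub: pretends b@example.net is rejected
        probed.append(addr)
        return addr != "b@example.net"
    db = open_cache()
    return [final_score(db, s, sc, probe) for s, sc in msgs], len(probed)

if __name__ == "__main__":
    print(demo())
```

Of the four constructed messages only one triggers a probe: the first cannot reach the threshold, the third hits the cache, and the fourth is already over.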
