[Mimedefang] Rerouting spam (and getting evidence for ISPs)
Philip Prindeville
philipp_subx at redfish-solutions.com
Fri Feb 16 19:50:57 EST 2007
Mark G. Thomas wrote:
>Hi,
>
>On Fri, Feb 16, 2007 at 01:03:04PM -0700, Philip Prindeville wrote:
>
>
>>Ok, so assuming I'm caving into ISP's that need me to furnish
>>them with forensics (thank God my police department doesn't
>>requirement to furnish mugshots, finger prints, DNA samples,
>>etc)...
>>
>>Inside the "stock" mimedefang-filter, if I wanted to take
>>the existing message, flatten it as text into the body of a
>>new message, add new To, From, and Subject lines, then
>>route that message into a set mail alias (like spamadmin, etc)
>>without running the message through filtering again...
>>does anyone have a working example or pseudo-code to
>>point at?
>>
>>
>....
>
>In mimedefang-filter you can call action_quarantine_entire_message();
>for all messages, even non-spam/non-virus ones, to save archival copies
>of everything to disk files. I'd think this would be easier than
>trying to re-mail copies of everything.
>
>Mark
>
>
The issue is that the mail won't be read and handled via a
local directory... It needs to be delivered to an Imap mailbox
so it can be handled there from a client on another machine.
Ok, can I simply delete the current list of recipients and
replace it with a new recipient?
-Philip
More information about the MIMEDefang
mailing list