[Mimedefang] Re: Rejecting spam
Jeff Rife
mimedefang at nabs.net
Sat Jul 12 12:48:08 EDT 2008
On 12 Jul 2008 at 16:44, Nigel Allen wrote:
> > We do that here. If he has something like this in his filter_end() :
> >
> > my($hits, $req, $names, $report) = spam_assassin_check();
> >
> > he can add something like this after it:
> >
> > if ($report =~ /URIBL_(SC|WS)_SURBL.+\n\s+\[URIs:\s(.+)]/) {
> > my $rbl = $1;
> > my $uri = $2;
> > return action_bounce("This message contains a URL referring to a domain ($2) that is listed on the $rbl URI RBL, and will not be accepted by this system. If you feel you have received this message in error, please notify postmaster\@mydomain.com")
> > }
> >
> >
> > That's assuming URIBL checking is enabled. Hope this helps...
> >
> Absolutely - makes a lot more sense now. Problem is that I'm not getting
> this pattern recognised.
>
> Given I'm not a perl accolyte, can anyone tell me exactly what is the
> string we expect to get back in $report? In fact what comes back in
> $names too?
Type the following:
$ man mimedefang-filter
/spam_assassin_check
This should show you the details of the "spam_assassin_check" function.
For more details on the exact contents of each of the return values,
you'd have to read the SpamAssassin man pages, but the MD docs are
pretty much good enough even without that.
Just set up MD to not do any actual filtering (i.e., let everything
through) and use the various logging functions to see what is what for
incoming e-mails. Then, start reading a bit about Perl to learn how to
do the matching.
Except for greylisting, you can test every bit of code in MD without
actually rejecting or stopping mail from flowing...just log something
like "this would be rejected because--". Then, when you are sure that
you have the right logic, actually reject (or delay, or whatever).
--
Jeff Rife | Coach: What's doing, Norm?
|
| Norm: Well, science is seeking a cure for thirst.
| I happen to be the guinea pig.
More information about the MIMEDefang
mailing list