Hello everyone (and specially Gordon)
Dridex / Locky are a nightmare. I'm trying to find a way to avoid my
users to get these mails...
I want a specific behaviour:
- I want ALL my users to go trough spamassassin/clamav (I won't get
rid of my own changes to these filters :-) )
- I want to reject unwanted mails as soon as possible, with the least load
That's why, for me, the best order for modules is:
comeagain
attachments
spamassassin
clamav
log_aliases
noduplicates
With comeagain enabled, first tries coming from authenticated users are
rejected (and that could happen after each ttl expire...)
I don't want that.
So, I modified comeagain filter to allow authenticated users to go
through this filter with no disturbance. They will go through all other
ones :-)
You can manage this feature through pythonfilter-modules.conf:
[comeagain.py]
ignoreAuth = True / False
Please find attached the proposed patch.
What do you think about that?
Hope this helps.
Best regards.
Jerome Blion
--- comeagain.py 2016-03-09 02:00:14.284044106 +0100
+++ comeagain.py.new 2016-03-09 02:09:27.567409792 +0100
@@ -1,6 +1,7 @@
#!/usr/bin/python
# comeagain -- Courier filter implementing a "greylisting" technique.
# Copyright (C) 2003-2008 Gordon Messmer <gor...@dragonsdawn.net>
+# Copyright (C) 2016 Jerome Blion <jer...@hebergement-pro.org>
#
# This file is part of pythonfilter.
#
@@ -30,6 +31,7 @@
# will be removed from the lists.
sendersTTL = 60 * 60 * 24 * 30
sendersPurgeInterval = 60 * 60 * 12
+ignoreAuth = False
def initFilter():
@@ -58,7 +60,14 @@
"""
- # Grab the sender from the control files.
+ # If the server is used to send mail from users, we may want not to blck
them
+ # We won't fill the database as the same IP may try and spam
+ if ignoreAuth:
+ authUser = courier.control.getAuthUser(controlFileList, bodyFile)
+ if authUser:
+ return ''
+
+ # Grab the sender from the control files.
try:
sender = courier.control.getSender(controlFileList)
except:
@@ -102,8 +111,8 @@
# and more lines, beginning with an 'r' character, for each
# recipient. Run this script with the name of that file as an
# argument, and it'll validate that email address.
- if not sys.argv[1:]:
- print 'Use: comeagain.py <control file>'
+ if not sys.argv[2:]:
+ print 'Use: comeagain.py <bodyFile> <control file>'
sys.exit(1)
initFilter()
- print doFilter('', sys.argv[1:])
+ print doFilter(sys.argv[1], sys.argv[2:])
------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785111&iu=/4140
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
