On Thu, 8 Jul 2004, alan premselaar wrote:

> > (1) Other than my forgetting to chomp are there other errors in the code
> > that people notice.
>
> One thing I noticed is that you are storing your file in
> /var/spool/MIMEDefang. if you have your system configured as
> recommended with /var/spool/MIMEDefang being on a tmpfs or RAMdisk,

I haven't been following that recommendation, but I should, of course,
put the whitelist.txt file someplace else in case someday I do switch to
using a tmpfs or the like as recommended. Thanks for pointing that out
to me.

> also, although the file handle should be closed once the script exits,

Yup. I've explicitly put in a close since posting my first message.

> if you're only going to whitelist based on senders who publish SPF, you
> should (if you haven't already) look into using Mail::SPF::Query.

I didn't make myself clear. I am passing mail through
spf-sendmail-milter (which calls Mail::SPF::Query) before the mimedefang
filter. So anything with an SPF fail wouldn't even reach MIMEDefang.

I realize that it would be cleaner to not use two milters and to call
Mail::SPF::Query from within mimedefang, but I haven't seen any code
samples of that and a search of the list archives produces too much
noise for me to really find things.

> if your intention is to whitelist any sender who's publishing SPF
> records, then ...

That is not my intention. That would be a very foolish intention. A lot
of non-forged spam is passing SPF. What I was trying to say is that I
will only whitelist domains with appropriate SPF settings so that I can
trust $sender at this point.

> > (2) Will the whitelist file be opened anew with every incoming mail? or
> > will it only be opened when the multiplexor starts a slave?
>
> the way you have it configured here, every time filter_sender is called
> your whitelist file will be opened.
>
> > (3) If the answer to (2) is "every time" is there something I can do to fix
> > that while still keeping the whitelist in an external file?
>
> you may want to consider using embedded perl. then you could setup your
> filehandles in filter_initialize and just reference them as appropriate
> in filter_sender.

Thanks. I will take a look at that.

> > I also have a few policy questions.
> >
> > (4) What I'm doing will exempt whitelisted mail not only from defanging,
> > bad extension checks and SpamAssassin, but also from virus scanning.
> > Is that stupid? Note that at the site in question almost all (but
> > not all) email users are on Linux. Of the few MS-Windows users,
> > almost everyone (but not everyone) is using a Mozilla based MUA.
> > (But I know that there is at least one Outhouse user still, and
> > that is not going to change).
>
> Firstly, I personally am a little uneasy with setting up whitelisting
> facilities based on fields that could potentially be exploited or
> forged.

This is why I would only whitelist domains that pass SPF.

> My policy decisions are such that I scan every piece of mail thru my
> server for viruses. even outgoing mail that has been SMTP AUTH'd.

I think that that is wise. I will rethink the way I've done things to
ensure that virus scanning always happens.

> I do, however, skip spam scanning from my authenticated users as I know
> my users don't send spam. YMMV

Likewise. The consequences of an authorized user sending spam to that
user will be a sufficient deterrent.

> hope this is useful information.

Thank you, yes.

I should say that my code as posted (and as modified) doesn't seem to
work. Everything gets treated as whitelisted. But don't worry about
that. I will do some more debugging, and probably restructuring. If
after some substantial debugging, I'm still stuck, I'll ask for more
help.

Cheers,

-j

--
Jeffrey Goldberg http://www.goldmark.org/jeff/
Relativism is the triumph of authority over truth, convention over justice
Hate spam? Boycott MCI! http://www.goldmark.org/jeff/anti-spam/mci/
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
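
The two changes discussed in this message (read the whitelist once at worker start-up instead of on every filter_sender call, and keep virus scanning on for whitelisted senders), sketched as a stand-alone Perl script. This is an added example, not the poster's filter or MIMEDefang's own code; the one-domain-per-line file format, the helper names load_whitelist, sender_domain and checks_for, and the sample domains are assumptions, and it assumes an earlier SPF check has already rejected forged senders.

```perl
#!/usr/bin/perl
# Added example, not the poster's code. File format and helper names are assumptions.
use strict;
use warnings;
use File::Temp qw(tempfile);

my %Whitelist;    # domain => 1, filled once per worker process

# Read one domain per line; blank lines and '#' comments are ignored.
sub load_whitelist {
    my ($path) = @_;
    my %seen;
    open(my $fh, '<', $path) or die "cannot open $path: $!";
    while (my $line = <$fh>) {
        chomp $line;                  # without this, "example.org\n" never matches
        $line =~ s/#.*//;             # drop comments
        $line =~ s/^\s+|\s+$//g;      # trim whitespace
        next if $line eq '';
        $seen{lc $line} = 1;
    }
    close($fh);
    return %seen;
}

# The envelope sender arrives in the form "<user@domain>".
sub sender_domain {
    my ($sender) = @_;
    return $sender =~ /\@([^>\s]+)>?\s*$/ ? lc $1 : '';
}

# Policy from the thread: whitelisting skips spam checks only, never virus scanning.
sub checks_for {
    my ($sender) = @_;
    my $dom    = sender_domain($sender);
    my $listed = $dom ne '' && exists $Whitelist{$dom};
    return { virus_scan => 1, spam_scan => $listed ? 0 : 1 };
}

# Constructed sample data standing in for the whitelist file.
my ($tmp, $path) = tempfile(UNLINK => 1);
print $tmp "# trusted, SPF-publishing domains\nexample.org\n\nExample.NET  # mixed case\n";
close($tmp);

%Whitelist = load_whitelist($path);    # would run once, in filter_initialize
for my $s ('<alice@example.org>', '<bob@EXAMPLE.net>', '<eve@example.com>', '<>') {
    my $c = checks_for($s);            # would run per message
    printf "%-22s virus_scan=%d spam_scan=%d\n", $s, $c->{virus_scan}, $c->{spam_scan};
}
```

In a real filter the hash would be populated in filter_initialize and consulted when deciding whether to run the spam check, with the virus scan left unconditional.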