to a working dir, changed
perms, changed the script to point to this dir and it still refuses to
What about owner?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org
. This instance is used by the SpamAssassin clamav plugin so it
contributes to SA scores.
I did it in the way you suggests before, but I find this way easier
since now I don't have to keep up with the signature namings.
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http
filter (by mistake or on purpose)?
Does mimedefang.pl -features tell you that Net::DNS is found?
Does your filter do anything to $Features{AutoDetectPerlModules}?
Regards
/Jonas
--
Jonas Eckerman
Fruktträdet Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http
the part so that additional mime attributes
may be set on it.
No changes in mimedefang.pl are required for this. Just set a
content-id using the the returned entity. See MIME::Entity and
MIME::Head for more info.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http
Mike Weaver wrote:
Sounds interesting. Any chance of seeing the relevant filter, script and
web code?
http://whatever.frukt.org/mimedefangfilter.text.shtml
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org
.)
I do a check against the servers to validate senders (if from our locally
served domains) as well as recipients, and caching helps lower the load when
some idiotic piece of software tries to send to or from the same invalid
address 40 times in 20 seconds...
Regards
/Jonas
--
Jonas Eckerman
David F. Skoll wrote:
Jonas Eckerman wrote:
add headers to the temprary message created for SpamAssassin,
[...]
I'll look at some compromise solution. :-)
Just wanted to say that with my own SpamAssassin plugins for using p0f data and
checking sender validity and John Rudd's Botnet
the only command the
server will accept is another HELO/EHLO.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
___
NOTE: If there is a disclaimer or other legal boilerplate
Anne Bennett wrote:
We do our HELO checks in filter_relay,
How do you do that?
I thought that neither the $Helo variable nor the commands file (from wich the
helo string can be read) was available that early in the mimedefang process.
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http
this in filter_sender, as filter_sender is called
before your system even knows if the sender wants to send a message.
In filter_begin and later you can do this:
(-s './INPUTMSG')
or this:
(stat('./INPUTMSG'))[7]
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org
in the code for this to be a quick simple change?
It might be worth it for some systems.
Of course, with my huge filter it might actually make a bigger difference to split the
filter into parts that are required when needed. :-)
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http
in rules and in
the bayes automagic. The change to mimedefang.pl is small.
Personaly I'd like to see it in the official version, so that I don't have to
remember to patch it when upgrading. :-)
Regards
/Jonas
--
Jonas Eckerman, FSDB
http://www.fsdb.org/
--- mimedefang.pl Fri May 12 15:58:29
, anything
that delays sendmail reading the input would increase the likelyhood of this
happening. I have not idea whatsoever if this is how sendmail works though.
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org
();
}
---8---
The headers are added when mimedefang.pl adds other headers before calling
SpamAssassin, so this ought to be cheaper than updating the files that
mimedefang.pl uses when creating messages for SpamAssassin.
If this patch is a bad idea, please tell me so. :-)
Regards
/Jonas
--
Jonas
Jonas Eckerman wrote:
The following, *untested* code diff might be all that's needed to make it work:
I've been running with the patched code since yesterday myself now, and it
seems to work. The new rules are beeing used, and nothiong strange is happening.
I looked through the SpamAssassin
();
}
---8---
Note that I haven't checked thoroughly to see if the LOCAL_STATE_DIR parameter
is used for anything else.
Regards
/Jonas
--
Jonas Eckerman, FSDB Fruktträdet
http://whatever.frukt.org/
http://www.fsdb.org/
http://www.frukt.org/
___
NOTE
programming
to do something similar yourself, I'd suggest that you do something simpler than what
I did. Replacing the original serializing with YAML worked fine for me and is a pretty
small and simple modification of the code. You can find the YAML module at CPAN.
Regards
/Jonas
--
Jonas Eckerman
to formulate a notification (if you wish.)
$VirusName
If a virus-scanning function found a virus, this
variable will hold the virus name (if it could be
determined.)
--8--
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
On Thu, 24 Jun 2004 15:39:04 +0200, Jonas Eckerman wrote:
evaluating a pretty involved validation scheme, and it does seem
to work out so far.
Ok. Been running it for one more week now. t does work rather good and rejects a lot,
but I've decided that even with the results so far I'm
On Thu, 24 Jun 2004 15:39:04 +0200, Jonas Eckerman wrote:
If this stuff keeps working without problems, I'll
post again if I actually start rejecting based on it.
Ok. Now the test has been running for a week, and it has hit exactly *no* legit mail.
I just upgraded it from data collection
tieable DBs had loads of problems once
they grew over a certain size. DB_File still works fine, so I haven't seen any reason
to change that.
Note that ours is not a huge and heavily loaded mail server.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
a senders address is valid (with a bunch of excemptions).
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
watching
though).
(I'm going to remember that bit about rejecting from to multiple recipients (after
DATA). Even if it only catches a few spams (does it?), it'd be such a small addition
to the filter's code that it'd be worth it...)
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http
.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
for rejects the databse would only have
to be updated when a check has been done for an address.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
for every mail it rejects even for mails that would have
been stopped by the greylist (1: it would do a REJECT instead of the greylists
TEMPFAIL and 2: it would reject before reciving the actual mail while my greylist
rejects after receiving it (because of stupid mailers)).
/Jonas
--
Jonas Eckerman
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
for the domain).
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.truls.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
idea. Using it
for points would be better if one wants to check this.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
On Tue, 22 Jun 2004 18:11:51 +0200, Alexander Dalloz wrote:
Yes, a nice feature - until the worm authors begin to respect such
a feature ;/
The feature will still work against people/software mailing through open HTTP (and
other non-SMTP) proxies.
/Jonas
--
Jonas Eckerman, [EMAIL
without sending a QUIT message whenever they receive a non-positive answer.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED
AFAIK.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
it yourself
in your filter, how on earth do you expect MIMEDefang to have even the slightest idea
about any relays other than the one the address of wich MIMEDefang gets from sendmail?
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
from manually
reading the Received-headers unless you tell it to completely discard virus mails.
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL
there's no single
standard all relays follow when creating Received-headers (compare Sendmail to Exim
for example) and partly because faked Received-headers are so common.
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit
that's also true for *all* forms of statistics, you have to know what
data the statistics are based on before you decide how to interpret (or trust) the
numbers.
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http
mismatches that would be good
guarding against with the same method?
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.truls.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
mismatches that would be good
guarding against with the same method?
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.truls.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
). If
it's not available you'll have to use another locking mechanism.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
*filter* does use relaydb, but that has nothing to do with *greylisting* at all. If
you read the info at the top of my filter, you can easily just turn of any use of
relaydb.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
(I have no idea how you'd tell it not
to, but with thye sendmail config just about anything seems posssible to do on purpose
or by mistake)?
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http
the net in general
should be behind a firewall, and if it's behind a firewall you should simply block
traffic you don't whant before it ever reaches the server.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http
received any answer yet though.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.truls.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman
complete than the proposal though. :-)
Regards
/Jonas
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http
). This memory is freed when the perl interpreter finishes
instead. If it never finishes, leaks can be accumulated.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
has
memory leaks, I would expect that to create problems when using an embedded perl
interpreter.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang
=~ s/\n//g;
if ($line =~ /hastalavistababy/) {
$bad = 1;
last;
}
}
close(INF);
return action_discard('Bad, bad body!') if ($bad);
}
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http
here got more than 300
notifications in 2 days last year, they were *not* happy. Personally I think they
didn't have much reason to complain, I got more than 1500 in 24 hours. :-(
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
the license is for. Those regulations typically doesn't only restrict only the
*selling* but also the *distribution* of software.
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
processes in the server really should tiomeout after a while without you
having to kill them. How long have you waited for them to die?
I do have an e-mail that I created with a couple xls attachments
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
don't know
how much work that'd mean.
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman
mails.
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org/
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
) {
my $greys = time_string($greylistwait);
return action_tempfail(We will accept the mail in $greys.)
}
}
And the corresponding part from filter_recipient is no more. :-/
Regards
/Jonas
--
Jonas Eckerman, [EMAIL PROTECTED]
http://www.fsdb.org
55 matches
Mail list logo