Hello,
On Sat, Sep 20, 2003 at 03:41:36PM +0200, Paul Seelig wrote:
snip -
Package: popsneaker
Status: install ok installed
Priority: optional
Section: mail
Installed-Size: 159
Maintainer: Stefan Baehre [EMAIL PROTECTED]
Version: 0.6.2-1
Depends: libc6 (= 2.3.2-1), libgcc1 (= 1:3.3.1-1), libstdc++5 (=
1:3.3.1-1), libtcp4u3, logrotate
Recommends: fetchmail | popclient
Conffiles:
/etc/popsneakerrc 40cc5a1635d4bc41678d3dccc7f21e73
/etc/logrotate.d/popsneaker af45e2150e4dc61758c7b605de491e3d
Description: Flexible spam filter for POP3 email accounts.
popsneaker is a flexible email filter. It can delete spam mails without
downloading them to the local host.
snip -
I found the appended patch useful. It implements a new
minsize N rule, which lets all mails smaller than N
bytes pass. So you can receive your usual (smaller than
the virus) mails without risk of loosing them, and filter
the large mails quite radically.
Note the the patch is only very little teste, but it
workes for me.
With the patch I can use the following home-grown ruleset:
# accept all mails up to 1 bytes
minsize 1
# some white-listing here
deny ^From: .*msn\.com
deny ^From: .*msdn\.com
deny ^From: (MS |Microsoft)
deny ^Subject: (Abort|failure|error)
(Advice|Announcement|Letter|Message|Notice|Report)$
deny -case ^SUBJECT: $
deny ^Subject: (current|last|new|newest) .* (update|upgrade|pack)$
minsize 5
# for large mails filter even more
deny ^Subject: (current|last|new|newest) .* patch$
deny ^Subject: internet .* (update|upgrade|pack|patch)$
deny ^Subject: I (choose|chose) life
minsize 10
# for huge mails filter even much more
deny ^Subject: $
deny ^Subject: (Advice|Announcement|Letter|Message|Notice|Report)$
deny ^Subject: (undelivered|undeliverable|returned) (mail|message)
deny ^Subject: (message|mail)( |: )(returned to sender|returned to
mailer|user unknown)
deny ^Subject: bug (Advice|Announcement|Letter|Message|Notice|Report)$
I hope this helps,
Jochen
diff -ur popsneaker-0.6.2.orig/popsneaker/parser.cpp
popsneaker-0.6.2/popsneaker/parser.cpp
--- popsneaker-0.6.2.orig/popsneaker/parser.cpp 2002-10-22 18:37:36.0
+0200
+++ popsneaker-0.6.2/popsneaker/parser.cpp 2003-09-23 03:04:50.0
+0200
@@ -48,6 +48,7 @@
case t_scoreeval: scoreeval(); break;
case t_score: score(); break;
case t_maxsize: maxsize(); break;
+ case t_minsize: minsize(); break;
case t_dupcheck:dupcheck();break;
case t_semicolon:
case t_nl: eoc(); break;
@@ -351,6 +352,28 @@
eoc();
}
+void Parser::minsize(void){
+ Rule* rule = new Rule;
+ chkptr(rule);
+
+ scanner.nextToken();
+
+ while(scanner.getToken() == t_dash) {
+ roption(rule);
+ }
+
+ if(scanner.getToken() == t_numeric) {
+ rule-set_minsize(scanner.getNumeric());
+ } else {
+ parse_error(size expected);
+ }
+
+ rp.add(rule);
+
+ scanner.nextToken();
+ eoc();
+}
+
void Parser::dupcheck(void){
int mode = DUP_MODE_STRICT;
diff -ur popsneaker-0.6.2.orig/popsneaker/parser.h
popsneaker-0.6.2/popsneaker/parser.h
--- popsneaker-0.6.2.orig/popsneaker/parser.h 2002-10-22 18:37:36.0
+0200
+++ popsneaker-0.6.2/popsneaker/parser.h2003-09-23 02:38:18.0
+0200
@@ -67,6 +67,7 @@
void scorereset(void);
void soption(Rule*);
void maxsize(void);
+ void minsize(void);
void eoc(void);
void dupcheck(void);
int doption(void);
diff -ur popsneaker-0.6.2.orig/popsneaker/rule.cpp
popsneaker-0.6.2/popsneaker/rule.cpp
--- popsneaker-0.6.2.orig/popsneaker/rule.cpp 2002-10-22 18:38:31.0
+0200
+++ popsneaker-0.6.2/popsneaker/rule.cpp2003-09-23 02:40:30.0
+0200
@@ -46,6 +46,13 @@
}
+/** Setup a minsize rule */
+void Rule::set_minsize(unsigned long size){
+ type = RT_MINSIZE;
+ minsize = size;
+}
+
+
/** Setup an accept rule */
void Rule::set_accept(const char* expr){
type = RT_ACCEPT;
@@ -133,6 +140,10 @@
action = applyMaxsize(header);
break;
+ case RT_MINSIZE:
+action = applyMinsize(header);
+break;
+
case RT_SCORE:
action = applyScore(header);
break;
@@ -245,6 +256,20 @@
}
+/** Apply the minsize rule on a mailheader */
+mailaction Rule::applyMinsize(MailHeader* header){
+ if(header-size = minsize) {
+char buffer[64];
+sprintf(buffer, mail (%10.2fKB) is smaller than %10.2fKB, \
+ header-size / 1024.0, minsize / 1024.0);
+header-reason = buffer;
+return MA_KEEP;
+ } else {
+return MA_NONE;
+ }
+}
+
+
/** Apply the regular expression on a mailheader */
bool Rule::applyRE(MailHeader* header){