Re: [Mimedefang] MD upgrade - how?
--On Thursday, April 22, 2004 2:14 PM +0200 Michal Szymanski <[EMAIL PROTECTED]> wrote: So maybe I should just install the new one over the existing version, saving local changes done in 'mimedefang-filter'? Before modifying the stock filter, I make a copy called mimedefang-filter.original. When it comes time to upgrade, I can diff my current filter against the original stock one, then apply the changes to the new stock one. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Embedded perl
Thanks... How can you test if a given implementation is safe? Does Perl need to be compiled in any special way to enable embedded Perl to work? Sincerely, - Henrik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David F. Skoll Sent: Friday, April 23, 2004 5:29 PM To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] Embedded perl On Fri, 23 Apr 2004, Henrik Schmiediche wrote: > What is the advantage to Embedding Perl in the muliplexor? Faster startup time and much less memory use. > Why is it not enabled by default? Because it's broken on some platforms. It's fine on Linux, mostly fine on Solaris 9, and all bets are off on other platforms. The innards of Perl are very scary... Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Embedded perl
On Fri, 23 Apr 2004, Henrik Schmiediche wrote: > What is the advantage to Embedding Perl in the muliplexor? Faster startup time and much less memory use. > Why is it not enabled by default? Because it's broken on some platforms. It's fine on Linux, mostly fine on Solaris 9, and all bets are off on other platforms. The innards of Perl are very scary... Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Bounce if its not for a local user.
Yes in fact it will be used as a relay, sorry I did not state that in my first mail. This is perfect for what we need. Thank you !! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, April 22, 2004 9:43 AM To: [EMAIL PROTECTED] Subject: RE: [Mimedefang] Bounce if its not for a local user. > From: Larry Guest [mailto:[EMAIL PROTECTED] > I would like to filter mail and bounce anything that is not > for a local user. > I assume I will have to setup a file on the server and list all the > valid users in this file. There are only about 50 at the most so this > is not a problem. > > Any ideas? Are the users local to the server? Or are you using the server as a relay? If the former, sendmail should already be doing this for you. If the latter, there are two options: You can use a mimedefang function check_against_smtp_server() to see if the user exists on the remote server. This works for *most* remote servers. If you're using an Exchange server, life is a little more complicated. (I know, I'm doing exactly this.) However, all hope is not lost. You can create a Perl script to run LDAP queries against your Exchange server every (say) fifteen minutes. The LDAP query can extract all valid email addresses. Then the Perl script should make a sendmail "access" file and hash it to access.db See http://lists.roaringpenguin.com/pipermail/mimedefang/2003-December/01863 3.ht ml for how to do it against an Exchange 2000 server It's also possible to do against an Exchange 5.5 server - I'm doing this (email me offlist for my script) This method has a drawback. Email to new addresses will be bounced until the Perl script has had a chance to run. So, if you create a new Exchange user, they won't be able to get email from the outside for up to fifteen minutes. In my experience, this is not a big problem at all. [EMAIL PROTECTED]805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer perl -e"print join er,reverse',','l hack',' P','Just anoth'" ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Embedded perl
Hello, I cannot find documentation on this... What is the advantage to Embedding Perl in the muliplexor? I presume performance, but what exactly? Startup time? Scan time? Why is it not enabled by default? Do I need something special in my Perl to make it work? Sincerely, - Henrik ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] greylist db size limit?
Gary, > Ok, let's just say that you never quite got around to running > the greylist db cleaner. Is there a limit to the size that > the greylist db can get? Mine suspiciously seems to have > topped out at 1024, and didn't seem to want to get any bigger There's no hardcoded size limit as far as I know, but it depends on which DBM implementation you are using. Some are better than others. > On top of that, trying to run the greylist cleaner, while it said > that it removed 4000+ entries, didn't affect the size of the db. The DB files are set up for random access, so all the cleaner does is poke holes in it which are then available for re-use in future. To physically shrink the file, you'd have to write something in Perl which created two DBM tied hashes, copied the contents of the live one to the backup, and untied the hashes. Then, backup the old file and move the new file over it. Best Wishes, Paul. __ Paul Murphy Head of Informatics Ionix Pharmaceuticals Ltd 418 Science Park, Cambridge, CB4 0PA Tel. 01223 433741 Fax. 01223 433788 ___ DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please contact the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741 ___ ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] limit message size
--On Friday, April 23, 2004 4:27 PM +0700 paokrab <[EMAIL PROTECTED]> wrote: I want to use mimedefang to limit incoming and outgoing messages size. Could anyone suggest me or tell me HOW-TO? It would be more efficient to do it in sendmail, and it's just one line in sendmail.mc too: define(`confMAX_MESSAGE_SIZE',1000) Joseph Brennan Academic Technologies Group, Academic Information Systems (AcIS) Columbia University in the City of New York ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Filtering new Mirosoft virus email ...
> Hi Ken, > I tried installing your script on my mailserver, but it has a strange > behaviour. > I added these lines into subjects_full: > re:.thanks! > re:.approved Mirko - I'm assuming by "script" you mean the sendmail LOCAL_RULESET "CheckSubject" rule that I use, in sendmail.mc/cf. Generally speaking, I use the subjects_part list far more that the subjects_full list, simply because if I declare a full match on "approved", and then an email comes in "re: approved", the complete subject obviously no longer matches. So technically, if you wanted to use the subjects_full file, you'd have to account for all of the following variants: approved re: approved fwd: approved ... and so on. On the other hand, you have to be carefule with what you put in the partial subjects file (subjects_part), because adding the word "approved" there would also bounce emails with subjects such as "management just approved your project". If the likelyhood of clashes such as that example bother you, then add all the permutations you can think of, to the full file. Other times, the partial list can cover you, with less likelyhood of causing clashes like the one I just described. Lastly, it sounds like you may be forgetting that recent versions of sendmail actually now use TWO .cf files... sendmail.cf (for files received via port 25), and submit.cf (for messages "submitted" locally on the machine... with the "mail" command, for example.) Be sure you have the rule added to BOTH .cf files, or you will have different behavior, depending upon whether the mail was received via port 25, or whether you typed a "mail" command at the commandline. mirko ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Filtering new Mirosoft virus email ...
Hi Ken, I tried installing your script on my mailserver, but it has a strange behaviour. I added these lines into subjects_full: re:.thanks! re:.approved If I send a NEW message to myself with a "re: approved" message, I correctly receive a 553 error. If I use the "re thanks!" subjects in a NEW message, it isn't blocked (?). But the strangest thing is that if I edit the unsent "re: approved" message changinng the subject to "re: thanks!", and I try to send it, it is correctly denied! Why the new message is accepted and the edited one is stopped? I tried with many other subjects in "subjects_full", and some are blocked, while some other are accepted. Can you help me? :) thanks mirko ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] greylist db size limit?
Ok, let's just say that you never quite got around to running the greylist db cleaner. Is there a limit to the size that the greylist db can get? Mine suspiciously seems to have topped out at 1024, and didn't seem to want to get any bigger (and in fact, I had some mail that kept bouncing as if it was new to the greylist, which seemed a bit odd). On top of that, trying to run the greylist cleaner, while it said that it removed 4000+ entries, didn't affect the size of the db. I'm using Jonas Eckerman's implementation of greylist on Freebsd if that makes any difference. Gary Schrock [EMAIL PROTECTED] ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] limit message size
I would do this through sendmail such as define(`confMAX_MESSAGE_SIZE', `1000')dnl. However, I guess you could do something in filter() like this: $sizelimit = 1048576; #1MB limit unless (-s "$entity->bodyhandle->path" <= $sizelimit) { return action_drop_with_warning("Message is larger than limit.\n"); } Not really sure you are going to find many people doing overall message size limits through MD. KAM > I want to use mimedefang to limit incoming and outgoing messages size. > Could anyone suggest me or tell me HOW-TO? ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Spammer zombie group behaviour
> I'm just experimenting with adding greylisting, and doing it after > the RCPT TO. I'm curious as to why Groupwise makes that a problem. See http://lists.roaringpenguin.com/pipermail/mimedefang/2004-January/019541.html Also, note that Groupwise has had several security problems in its SMTP module over the years, and had a habit of taking the whole server down with it when it failed to interpret the standard correctly, plus its anti-relaying option didn't work for a long time, so anyone who was running it as their Internet-visible server was mad. I used it extensively in a previous position, and liked the main system (which was, and still is, much better than Exchange and Outlook), but I had it behind a Sendmail system. It will undoubtedly have improved in the last three years, but I still believe that anyone using a proprietary SMTP server as their main public interface needs a nice leather couch to lie on - would you make Exchange or Notes SMTP services visible to the whole of the Internet? Best Wishes, Paul. __ Paul Murphy Head of Informatics Ionix Pharmaceuticals Ltd 418 Science Park, Cambridge, CB4 0PA Tel. 01223 433741 Fax. 01223 433788 ___ DISCLAIMER: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please contact the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741 ___ ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] limit message size
I want to use mimedefang to limit incoming and outgoing messages size. Could anyone suggest me or tell me HOW-TO? thanks SCB News: Win a Honda Jazz and loaded of prizes when you pay your bill via SCB Multi-channel payment service during February 15 - July 31, 2004 .For more details, please contact SCB easy call center at 0 2777- or http://www.scb.co.th/campaign DISCLAIMER: This e-mail is intended solely for the recipient(s) name above. If you are not the intended recipient, any type of your use is prohibited. Any information, comment or statement contained in this e-mail, including any attachments (if any) are those of the author and are not necessarily endorsed by the Bank. The Bank shall, therefore, not be liable or responsible for any of such contents, including damages resulting from any virus transmitted by this e-mail. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Spammer zombie group behaviour
On Thu, 22 Apr 2004 19:57:54 +0100, in local.mimedefang you wrote: >is now being transmitted multiple times. That wouldn't be a problem >with >greylisting after the RCPT TO command, but too many folks use nasty >Novell >Groupwise for me to get away with that. I'm just experimenting with adding greylisting, and doing it after the RCPT TO. I'm curious as to why Groupwise makes that a problem. jim ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Re: MD upgrade - how?
Michal Szymanski asked: > What is the recommended way of upgrading MD? [...] > So maybe I should just install the new one over the existing version, > saving local changes done in 'mimedefang-filter'? A general advice: be a pessimist and expect things go wrong after the upgrade. (Sorry David... ;-) Therefore back the old version up to be able to restrore it quickly just in case. The files to be backed up are: /etc/init.d/mimedefang /etc/mail/spamassassin /etc/mail/mimedefang-filter /usr/local/bin/mimedefang.pl /usr/local/bin/mimedefang /usr/local/bin/watch-mimedefang /usr/local/bin/md-mx-ctrl /usr/local/bin/mimedefang-multiplexor Secondly, since you might have customized /etc/init.d/mimedefang and /etc/mail/mimedefang-filter, do not compare these files with the ones in the new distribution but compare the ones in the new distribution with their old versions in the _original_ old distribution. Then update your customized old versions *by hand* towards including the new features. That's the way I do it since my (and probably everyone else's) mimedefang-filter is not so easily comparable with the templates furnished in the MD tarball. Andrzej -- - Andrzej Marecki| Torun Centre for Astronomy | e-mail: [EMAIL PROTECTED] N. Copernicus University | WWW:http://www.astro.uni.torun.pl ul. Gagarina 11| tel: +48 56 6113032 PL-87-100 Torun, POLAND| fax: +48 56 6113009 - "If Bill Gates actually had to admin his own stuff, he'd shoot himself." - ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang