Re: [Mimedefang] Outgoing mails & attachments scanning

[Rob MacGregor]

On 18/11/05, mallapadi niranjan <[EMAIL PROTECTED]> wrote:
> Hi all
>
> I am using sendmail + spamassassin + clamav. + mimedefang.
> I want to track all the outgoing mails, and also second , i want a
> copy of a mail to administrator from any user who sends any attachment
> with .doc, .pdf. , .zip,

Your mail log will already contain details about outgoing (and
incoming) emails.  You simply need to parse this.  Automated tools
like SMA and awstats can help here.

--
 Please keep list traffic on the list.
Rob MacGregor
  Whoever fights monsters should see to it that in the process he
doesn't become a monster.  Friedrich Nietzsche

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] Outgoing mails & attachments scanning

[mallapadi niranjan]

Hi all

I am using sendmail + spamassassin + clamav. + mimedefang.
I want to track all the outgoing mails, and also second , i want a
copy of a mail to administrator from any user who sends any attachment
with .doc, .pdf. , .zip,

please guide me

regards
Niranjan

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] OT: vacation as autoresponder for non-user

[Ben Kamen]

Anyone ever do this with vacation?

Please let me know offlist, I can't quite make this work the way it should seem 
to do it..


Thanks,

 -Ben

begin:vcard
fn:Ben Kamen
n:Kamen;Ben
adr:;;USA
email;internet:[EMAIL PROTECTED]
title:O.D.T. - S.P.
x-mozilla-html:FALSE
url:http://www.benjammin.net/
version:2.1
end:vcard

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] MIMEDefang 2.55-BETA-1 is available

[Mack]

I note you've not dealt with the code ==9 for the kavscanner bit yet (pswd
protected zips)
That should be moved to suspiscous at least, and not temp fail ?


Mack


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of David
F. Skoll
Sent: 17 November 2005 19:50
To: mimedefang@lists.roaringpenguin.com
Subject: [Mimedefang] MIMEDefang 2.55-BETA-1 is available


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

MIMEDefang 2.55-BETA-1 is available from the download page:

   http://www.mimedefang.org/node.php?id=1

Please test this one out; we now pass bare  characters through
by default.  This is a fairly major change in policy.

Full changelog since 2.54 follows.

Regards,

David.

2005-11-17  David F. Skoll  <[EMAIL PROTECTED]>

* VERSION 2.55-BETA-1 RELEASED

* examples/init-script.in: Fix typo that resulted in the shell
complaining of a syntax error (pointed out by Jason Englander).

* Clean up man pages by removing some obsolete material.

* mimedefang.c: Do NOT strip "bare CR" characters from e-mails by
default.  The new "-c" command-line option enables the older behavior.

*** NOTE INCOMPATIBILITY ***  WE NO LONGER STRIP BARE CR's FROM
  MESSAGES BY DEFAULT.  TEST YOUR FILTERS
  CAREFULLY TO MAKE SURE THEY CAN COPE
  WITH THIS, OR USE THE -c FLAG.

* mimedefang.c(rcptto): If you returned ACCEPT_AND_NO_MORE_FILTERING
from filter_recipient, the spool files wouldn't get cleaned up,
eventually clogging the spool directory.  This has been fixed.

* mimedefang.pl.in(interpret_hbedv_code): Fix interpretation of
H+BEDV return codes (pointed out by Henning Schmiedehausen).

2005-11-04  David F. Skoll  <[EMAIL PROTECTED]>

* VERSION 2.54 RELEASED



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDfN76wYQuKhJvQuARAmeHAJ92apRtysdSgMpTyBJdOWgVd6TchQCfcnG0
BiAaBKDYwxaFNy9T/d7yI5g=
=q9G5
-END PGP SIGNATURE-
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

This Email Has Been Anti-Virus Scanned

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] MIMEDefang 2.55-BETA-1 is available

[David F. Skoll]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi,

MIMEDefang 2.55-BETA-1 is available from the download page:

   http://www.mimedefang.org/node.php?id=1

Please test this one out; we now pass bare  characters through
by default.  This is a fairly major change in policy.

Full changelog since 2.54 follows.

Regards,

David.

2005-11-17  David F. Skoll  <[EMAIL PROTECTED]>

* VERSION 2.55-BETA-1 RELEASED

* examples/init-script.in: Fix typo that resulted in the shell
complaining of a syntax error (pointed out by Jason Englander).

* Clean up man pages by removing some obsolete material.

* mimedefang.c: Do NOT strip "bare CR" characters from e-mails by
default.  The new "-c" command-line option enables the older behavior.

*** NOTE INCOMPATIBILITY ***  WE NO LONGER STRIP BARE CR's FROM
  MESSAGES BY DEFAULT.  TEST YOUR FILTERS
  CAREFULLY TO MAKE SURE THEY CAN COPE
  WITH THIS, OR USE THE -c FLAG.

* mimedefang.c(rcptto): If you returned ACCEPT_AND_NO_MORE_FILTERING
from filter_recipient, the spool files wouldn't get cleaned up,
eventually clogging the spool directory.  This has been fixed.

* mimedefang.pl.in(interpret_hbedv_code): Fix interpretation of
H+BEDV return codes (pointed out by Henning Schmiedehausen).

2005-11-04  David F. Skoll  <[EMAIL PROTECTED]>

* VERSION 2.54 RELEASED



-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDfN76wYQuKhJvQuARAmeHAJ92apRtysdSgMpTyBJdOWgVd6TchQCfcnG0
BiAaBKDYwxaFNy9T/d7yI5g=
=q9G5
-END PGP SIGNATURE-
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind working files in /var/spool/MIMEdefang

[David F. Skoll]

Kenneth Porter wrote:

> Now if only there were a Knuth bounty! ;)

I'll start one.  I can pay 64 cents for the next bug found, with the
payout halving with each new bug. :-)

Regards,

David.
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind working files in /var/spool/MIMEdefang

[Kenneth Porter]

--On Thursday, November 17, 2005 1:10 PM -0500 "David F. Skoll" 
<[EMAIL PROTECTED]> wrote:



Congratulations!  You've found a bug in mimedefang.c!


Now if only there were a Knuth bounty! ;)



___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind workingfiles in /var/spool/MIMEdefang

[Mack]

Nicely Spotted, I did wonder where those orphan files were coming from, but
they seemed so infrequent (i never investigated it any further!)

Guess i'll have to patch the only server i have that uses the AANMF return
val

Cheers

Mack



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of David
F. Skoll
Sent: 17 November 2005 18:10
To: mimedefang@lists.roaringpenguin.com
Subject: Re: [Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind
workingfiles in /var/spool/MIMEdefang


Ken Menzel wrote:

> I am trying to implement a recipient filter.  It seems to mostly work as
> intended except when I use ACCEPT_AND_NO_MORE_FILTERING as the return
> option mimedefang slowly fills /var/spool/MIMEdefang directory with left
> over COMMAND and HEADER files in the working directories.

Congratulations!  You've found a bug in mimedefang.c!

The patch below should fix it.  Sorry about that!

Regards,

David.

--- mimedefang-2.54/mimedefang.c2005-10-14 12:33:27.0 -0400
+++ mimedefang-2.55/mimedefang.c2005-11-17 13:07:13.0 -0500
@@ -16,7 +16,7 @@
 ***/

 static char const RCSID[] =
-"$Id: mimedefang.c,v 1.229 2005/10/14 16:33:27 dfs Exp $";
+"$Id: mimedefang.c,v 1.230 2005/11/17 18:07:13 dfs Exp $";

 /* Define this to work around an M$ Outlook bug! */
 /* #define CONVERT_EMBEDDED_CRS_IN_HEADERS 1 */
@@ -882,8 +882,8 @@
}
if (n == 2) {
set_dsn(ctx, ans, 2);
-
-   retcode = SMFIS_ACCEPT;
+   cleanup(ctx);
+   return SMFIS_ACCEPT;
}
if (n == 3) {
set_dsn(ctx, ans, 2);
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

This Email Has Been Anti-Virus Scanned

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind working files in /var/spool/MIMEdefang

[Ken Menzel]

I am trying to implement a recipient filter.  It seems to mostly work 
as intended except when I use ACCEPT_AND_NO_MORE_FILTERING as the 
return option mimedefang slowly fills /var/spool/MIMEdefang directory 
with left over COMMAND and HEADER files in the working directories. 
Eventually the system runs out of inodes and stop accpeting mail.  It 
does however deliver the mail. If I use DISCARD I donn't have any left 
over files, but my messages are discarded.  I wanted to recieve them 
but not defang, spam check or virus check,  just pass them on,  they 
are debug messages with large attachments going to a logging program. 
My CPU load drops greatly by not checking those.  What am I doing 
wrong with ACCEPT_AND_NO_MORE_FILTERING that leaves the spool file 
behind?


mimedefang-2.54 =  up-to-date with port

Here is my filter:
sub filter_recipient ($) {
my ($recip, $sender, $ip, $hostname, $first, $helo,
  $rcpt_mailer, $rcpt_host, $rcpt_addr) = @_;

#md_syslog('warning', "checking $recip");
if ($recip eq '<[EMAIL PROTECTED]>') {
   md_syslog('warning', "skip $recip");
   #return("ACCEPT_AND_NO_MORE_FILTERING", "ok");
   return("DISCARD", "ok");
}

if ($sender eq '<[EMAIL PROTECTED]>') {
   return("REJECT", "I don't care for you.");
   }
return ("CONTINUE", "ok");
}


-
Ken Menzel  ICQ# 9325188
www.icarz.com  [EMAIL PROTECTED]
/earth is 98% full ... please delete anyone you can. 


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] ACCEPT_AND_NO_MORE_FILTERING leaves behind working files in /var/spool/MIMEdefang

[David F. Skoll]

Ken Menzel wrote:

> I am trying to implement a recipient filter.  It seems to mostly work as
> intended except when I use ACCEPT_AND_NO_MORE_FILTERING as the return
> option mimedefang slowly fills /var/spool/MIMEdefang directory with left
> over COMMAND and HEADER files in the working directories.

Congratulations!  You've found a bug in mimedefang.c!

The patch below should fix it.  Sorry about that!

Regards,

David.

--- mimedefang-2.54/mimedefang.c2005-10-14 12:33:27.0 -0400
+++ mimedefang-2.55/mimedefang.c2005-11-17 13:07:13.0 -0500
@@ -16,7 +16,7 @@
 ***/
 
 static char const RCSID[] =
-"$Id: mimedefang.c,v 1.229 2005/10/14 16:33:27 dfs Exp $";
+"$Id: mimedefang.c,v 1.230 2005/11/17 18:07:13 dfs Exp $";
 
 /* Define this to work around an M$ Outlook bug! */
 /* #define CONVERT_EMBEDDED_CRS_IN_HEADERS 1 */
@@ -882,8 +882,8 @@
}
if (n == 2) {
set_dsn(ctx, ans, 2);
-
-   retcode = SMFIS_ACCEPT;
+   cleanup(ctx);
+   return SMFIS_ACCEPT;
}
if (n == 3) {
set_dsn(ctx, ans, 2);
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] how to disable notify=success

[Matthew.van.Eerde]

Marco Berizzi wrote:
> Aleksandar Milivojevic wrote:
> 
>> You can also prevent requests for them to hit your users.  IMO, this
>> is good things, since return receipts are very handy way for
>> spammers to verify that an email address exists.
>> 
>> To disable them on SMTP level, simply tell sendmail you want to
>> disable the feature.  Add noreceipts to confPRIVACY_FLAGS in
>> sendmail.mc and reubuild sendmail.cf from it.  For example:
>> 
>> define(`confPRIVACY_FLAGS', `goaway,restrictqrun,noreceipts,noetrn')
> 
> Is this a good thing to do? I was thinking to enable this setting.
> Thanks a lot to everybody for the feedback.

FWIW, I have this:

dnl Tighten down allowed options
dnl goaway = authwarnings, noexpn, novrfy, needmailhelo,
dnl  needmailhelo, needexpnhelo, needvrfyhelo
define(`confPRIVACY_FLAGS',`goaway,noreceipts,nobodyreturn')dnl

-- 
Matthew.van.Eerde (at) hbinc.com   805.964.4554 x902
Hispanic Business Inc./HireDiversity.com   Software Engineer

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] uol.com.br rule

[Kenneth Porter]

There's some brain-dead challenge response causing grief on the 
fedora-users and spamassassin lists. Here's my rule for rejecting them. I 
have it before the message_rejected() check in filter_end().


   if ($Sender =~ /[EMAIL PROTECTED]/i)
   {
   action_discard_bounce("We don't do Challenge-Response");
   }

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Marco Berizzi]

Aleksandar Milivojevic wrote:

You can also prevent requests for them to hit your users.  IMO, this is 
good
things, since return receipts are very handy way for spammers to verify 
that an

email address exists.

To disable them on SMTP level, simply tell sendmail you want to disable the
feature.  Add noreceipts to confPRIVACY_FLAGS in sendmail.mc and reubuild
sendmail.cf from it.  For example:

define(`confPRIVACY_FLAGS', `goaway,restrictqrun,noreceipts,noetrn')


Is this a good thing to do? I was thinking to enable this setting.
Thanks a lot to everybody for the feedback.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Aleksandar Milivojevic]

Quoting "Kevin A. McGrail" <[EMAIL PROTECTED]>:


I have to concur but I'll give you more ammunition.

This is pretty broken and large ISPs like AOL and Yahoo may block 
mail servers that do not accept bounces.


For example, from: http://postmaster.aol.com/guidelines/standards.html

 AOL may reject connections from senders who are unable to accept at 
least 90% of the bounce-return messages (mailer-daemon failure/error 
messages) destined for their systems.


Which in turn is also broken.  To make a DOS attack (prevent AOL 
subscribers to

send email to particular domain), one would just generate bunch of emails to
non-existing AOL addresses that would have envelope sender set to non-existing
user at particular domain.  Attacker generates fake emails, AOL generates
bounces, bounces fail, AOL blocks domain.  Nice.



This message was sent using IMP, the Internet Messaging Program.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Marco Berizzi]

[EMAIL PROTECTED] wrote:

> Marco Berizzi wrote:
> > Hello.
> > I'm using a sendmail/MIMEDefang box as a gateway for my M$ Exchange
> > 5.5 internal mail server.
> > One of our bigger customers are rejecting all messages from <>, so
> > MDN and return receipt from my M$ exchange relayed through the
> > sendmail/MD box are rejected.
> > I would like to know if there is a way to disable NOTIFY=SUCCESS
with
> > MD.
>
> You can disable delivery notifications in Exchange Administrator.

M$ exchange 5.5? I know there is a post sp4 fix available from PSS,
but I don't like that kind software ;-)

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Kevin A. McGrail]

I have to concur but I'll give you more ammunition.

This is pretty broken and large ISPs like AOL and Yahoo may block mail servers 
that do not accept bounces.

For example, from: http://postmaster.aol.com/guidelines/standards.html

  AOL may reject connections from senders who are unable to accept at least 90% 
of the bounce-return messages (mailer-daemon failure/error messages) destined 
for their systems.

Regards,
KAM

On Thu, Nov 17, 2005 at 03:43:39PM +, Mark wrote:
> 
> > One of our bigger customers are rejecting all messages
> > from <>,
> 
> Then you need to wax their ears some, and set them straight
> a bit. Do not accommodate to their gross brokenness.
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Aleksandar Milivojevic]

Quoting Aleksandar Milivojevic <[EMAIL PROTECTED]>:


   return action_bounce("Disposition notifications prohibited");


On second thought, you probably want to call action_discard() instead of
action_bounce here.  If you want to play safe, you might want to store 
the copy
into quarantine first (call action_quarantine before calling 
action_discard). Not much point in bouncing the notification ;-)




This message was sent using IMP, the Internet Messaging Program.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] how to disable notify=success

[Aleksandar Milivojevic]

Quoting Marco Berizzi <[EMAIL PROTECTED]>:


Hello.
I'm using a sendmail/MIMEDefang box as a gateway for my M$ Exchange 
5.5 internal mail server.
One of our bigger customers are rejecting all messages from <>, so 
MDN and return receipt from my M$ exchange relayed through the 
sendmail/MD box are rejected.

I would like to know if there is a way to disable NOTIFY=SUCCESS with MD.


Return receipts can be reqested on two levels.  On SMTP level and in 
headers. In former case they are handled by MTA, and in later by MUA.


To block any disposition notification, also known as return receipts 
(these are

not bounces):

sub filter_end ($) {
 my ($entity) = @_;

 if ($entity->head->get("Content-Type") =~
 m+multipart/report.*disposition-notification+igs) {
   return action_bounce("Disposition notifications prohibited");
 }
}

You can also prevent requests for them to hit your users.  IMO, this is good
things, since return receipts are very handy way for spammers to verify 
that an

email address exists.

To disable them on SMTP level, simply tell sendmail you want to disable the
feature.  Add noreceipts to confPRIVACY_FLAGS in sendmail.mc and reubuild
sendmail.cf from it.  For example:

define(`confPRIVACY_FLAGS', `goaway,restrictqrun,noreceipts,noetrn')

To disable them in the headers, you can siply remove offending headers 
from the

message (you'd do this in filter_end function).  The headers you want to
ruthlessly remove are:

Disposition-Notification-To
Disposition-Notification-Options
Return-Receipt-To
X-Confirm-Reading-To

For example, add this to the above filter_end function:

 my @hremove = ("Disposition-Notification-To",
"Disposition-Notification-Options",
"Return-Receipt-To",
"X-Confirm-Reading-To");
 foreach my $h (@hremove) {
   if ($entity->head->get($h)) {
 action_delete_all_headers($h);
   }
 }



This message was sent using IMP, the Internet Messaging Program.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] how to disable notify=success

[Aleksandar Milivojevic]

Quoting Mark <[EMAIL PROTECTED]>:


One of our bigger customers are rejecting all messages
from <>,


Then you need to wax their ears some, and set them straight
a bit. Do not accommodate to their gross brokenness.


It might be that they are simply rejecting return receipts as such.  
However, if

they are rejecting them, they should be making sure no requests for them are
leaving their organization.  See the second part of my previous reply. 
Although, if email originated from outside of their organization (for 
example,

user sends email from his laptop from home using his ISPs mail server and
organization's email address), there is little they can do to prevent it.



This message was sent using IMP, the Internet Messaging Program.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] how to disable notify=success

[Matthew.van.Eerde]

Marco Berizzi wrote:
> Hello.
> I'm using a sendmail/MIMEDefang box as a gateway for my M$ Exchange
> 5.5 internal mail server.
> One of our bigger customers are rejecting all messages from <>, so
> MDN and return receipt from my M$ exchange relayed through the
> sendmail/MD box are rejected.
> I would like to know if there is a way to disable NOTIFY=SUCCESS with
> MD. 

You can disable delivery notifications in Exchange Administrator.

-- 
Matthew.van.Eerde (at) hbinc.com   805.964.4554 x902
Hispanic Business Inc./HireDiversity.com   Software Engineer

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] how to disable notify=success

[Mark]

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On 
> Behalf Of Marco Berizzi
> Sent: donderdag 17 november 2005 16:37
> To: mimedefang@lists.roaringpenguin.com
> Subject: [Mimedefang] how to disable notify=success 
> 
> 
> One of our bigger customers are rejecting all messages
> from <>,

Then you need to wax their ears some, and set them straight
a bit. Do not accommodate to their gross brokenness.

- Mark 
 
System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] how to disable notify=success

[Marco Berizzi]

Hello.
I'm using a sendmail/MIMEDefang box as a gateway for my M$ Exchange 5.5 
internal mail server.
One of our bigger customers are rejecting all messages from <>, so MDN and 
return receipt from my M$ exchange relayed through the sendmail/MD box are 
rejected.

I would like to know if there is a way to disable NOTIFY=SUCCESS with MD.

TIA


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Bare returns in message body

[Aleksandar Milivojevic]

Quoting Tomasz Ostrowski <[EMAIL PROTECTED]>:


So I'd propose something like:

/* after message_contains_virus() */
if ($SuspiciousCharsInBody) {
action_rebuild();
}


If any of $SuspisiousCharsIn* are true, I'm doing (as one of the first 
things in

filter_begin, even before checking for viruses):

 action_quarantine_entire_message('descriptive msg');
 return action_bounce('descriptive msg');

I have this setup for very long time, and so far zero complaints from 
users. Even if there were complaints, this is part of anti-virus and 
anti-spam policy,

so I couldn't do anything about it ;-)

Looking at the log files, more than 99% of bounced stuff are viruses and spam,
and remainder is mainly chain letters and similar stuff that nobody really
cares if it gets bounced.  I've just checked this week's log files.  
Almost all

bounced messages (due to suspisious chars in either body or headers) were from
senders like "[EMAIL PROTECTED]" (guess what those are).  Only
two were from something that "looked" like it might have been real email
address.  Checking the quarantine showed those two were viruses.

There was only one email adress in log files that was constantly 
bounced because

of this (in the beggining, when we started using MIMEDefang), but it seems
whoever owned it have fixed his/hers email setup very fast after emails 
started

to bounce.  So bouncing isn't as bad as it may sound, it helps people to fix
problems ;-)


This message was sent using IMP, the Internet Messaging Program.


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

RE: [Mimedefang] Bare returns in message body

[Mark]

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On 
> Behalf Of Jan Pieter Cornet
> Sent: woensdag 16 november 2005 10:56
> To: mimedefang@lists.roaringpenguin.com
> Subject: Re: [Mimedefang] Bare returns in message body


> Patching sendmail to reject on bare LF terminated lines is likely
> asking for a LOT of trouble. Since traditionally sendmail doesn't care
> if you used CRLF or just LF, it's likely that lots of (local, unix-
> specific) programs submit messages using only LF line endings. Some
> programs might even implicitly rely on the fact that sendmail
> "corrects" the line endings.

Indeed. I can tell you that, text-processing wise, almost everything I do
on my server, in Perl scripts, starts with something that performs a
"tr//" like function to convert CRLF to single LF. And in Perl you really
kinda want to, as well; otherwise regex-es that count on $ and such (where
you do *not* expect to have the end of your line to be a CR; or things
like /bla\n/, etc.) will surely break.

I have always found it a particular strength that MIME::Tools is not fussy
about either CRLF, or just LF. And I thank sendmail for the same reason.
If this were not the case, you'd have to keep the exact CRLF/LF sequences
of each text, which really can yield quite unexpected, undesired results.
And I'm happy both do their own converting to whatever format they see
fit.

Hence, lets not break things, and keep them the way they are (even if it
does mean that there are scripts out there that do things with CR/LF that,
strictly speaking, are not RFC compliant).

- Mark 
 
System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Rejecting sender email

[Kevin A. McGrail]

Make sure you have filter_sender enabled (man mimedefang-filter and see 
FILTERING BY SENDER)


Then something (untested) like this should work:

sub filter_sender {
 my ($sender, $ip, $hostname, $helo) = @_;

 if ($sender =~ m/^<[EMAIL PROTECTED]/) {
 return ('REJECT', "Sorry; $sender has wildcards");
 md_syslog('warning', "Rejecting $sender - Wildcards");
 }

 return ('CONTINUE', "ok");
}

Regards
KAM


I want reject sender email using wildcard like [EMAIL PROTECTED] . I
have tried using sendmail it does accept wildcard by default .


___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Bare returns in message body

[Tomasz Ostrowski]

On Thu, 10 Nov 2005, David F. Skoll wrote:

> - There is no way to see a lone LF from milter.

Seems that it's no problem, because this should be a case also for
local mailer on unices. At least procmail saves files with bare
.

Does anybody use sendmail on MacOSX (unix to be or not unix to be) or
Windows to check it there?

> - There IS a way to see a lone CR.

So I'd propose something like:

/* after message_contains_virus() */
if ($SuspiciousCharsInBody) {
action_rebuild();
}

But then we should recheck rebuilt message for viruses - in case the
virus program has problems with bare . I don't know how to do
this (message_contains_virus() on modified message). Of course we
don't need to recheck attachments of this message (we build it so
we're sure there won't be anything unexpected) - only the message as
a whole.

Pozdrawiam
Tometzky
-- 
Best of prhn - najzabawniejsze teksty polskiego UseNet-u
http://prhn.dnsalias.org/
  Chaos zawsze pokonuje porządek, gdyż jest lepiej zorganizowany.
  [ Terry Pratchett ]
___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

[Mimedefang] Rejecting sender email

[Super-Dome]

Dear ALL 

I want reject sender email using wildcard like [EMAIL PROTECTED] . I 
have tried using sendmail it does accept wildcard by default . 

any code example will be really helpful

Regards 

SD 

___
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list
MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang