Re: [Mimedefang] Little help with no checks for AUTH users on 587
On Fri, 22 Nov 2013 14:16:16 -0600 Ben Kamen wrote: > > Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058: > > Message contains more than one Subject: header: > subject line which I removed for this post> You should not call read_commands_file from filter_end. It should only be called from filter_relay, filter_helo, filter_sender or filter_recipient Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On 2013-11-22 1:09 PM, Ben Kamen wrote: On 2013-11-22 12:52 PM, Joseph Brennan wrote: Ben Kamen wrote: Just put it in before you do any action_bounce Joseph Brennan Got it -- thanks! Erm, I don't think that quite worked. In my /etc/mail/mimedefang-filter, I have: sub filter_end { my($entity) = @_; read_commands_file(); if ( defined($SendmailMacros{'auth_type'})) { return ('ACCEPT_AND_NO_MORE_FILTERING', "ok"); } And now mimedefang still runs, but I get this in the log files... Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058: Message contains more than one Subject: header: -Ben ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On 2013-11-22 12:52 PM, Joseph Brennan wrote: Ben Kamen wrote: Just put it in before you do any action_bounce Joseph Brennan Got it -- thanks! -ben ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
Ben Kamen wrote: So to all (Like Joseph) , it looks like I can add this to filter_end near/at the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as described in the following emails. Yes? Just put it in before you do any action_bounce Joseph Brennan Columbia University I T ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
Thanks for all the replies... I don't actually need to worry about "port number" -- 465 or 587... as long as the user has authenticated, that's what I'm chasing after. For Steffen, I'm looking in /etc/mail/mimedefang-filter and don't see filter_recipient or filter_sender. (I'm on mimedefang 2.74 as packaged up on EPEL running on CentOS) So to all (Like Joseph) , it looks like I can add this to filter_end near/at the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as described in the following emails. Yes? Thanks, -Ben ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
But don't you need the "read_commands_file();" before hand or is that not need any longer? read_commands_file(); if ( defined($SendmailMacros{'auth_type'})) { $good = 1; } Cheers, Andrew On 11/22/13 14:05, Joseph Brennan wrote: On Thu, 21 Nov 2013, Ben Kamen wrote: I need a little quick help -- in my mimedefang milter, what can I put in to bypass checking emails being relayed by my server submitted on 587 by authorized users?? We have this near the top: undef $good; # SMTP Authentication if (defined $SendmailMacros{"auth_type"}) { $good = 1; } And then later for any routine we can test $good. Because of stolen (phished) passwords we don't exempt smtp auth mail -- we just treat it a little differently. Some checks are skipped and there are special checks only for smtp auth mail. (The name $good is therefore rather historical in nature! Those were the days.) Notice that this does not check the port, but only whether SMTP Auth succeeded. That's all we require here. I don't know how to test the port. Notice you must clear $good per message. Since we use it as a per-message global we undef it at the top and then define it (or not), instead of using my. Joseph Brennan Columbia University IT ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- Andrew Watkins * Birkbeck, University of London * Computer Science * * UKOUG Solaris SIG Co-Chair * http://notallmicrosoft.blogspot.com/ ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On Thu, 21 Nov 2013, Ben Kamen wrote: I need a little quick help -- in my mimedefang milter, what can I put in to bypass checking emails being relayed by my server submitted on 587 by authorized users?? We have this near the top: undef $good; # SMTP Authentication if (defined $SendmailMacros{"auth_type"}) { $good = 1; } And then later for any routine we can test $good. Because of stolen (phished) passwords we don't exempt smtp auth mail -- we just treat it a little differently. Some checks are skipped and there are special checks only for smtp auth mail. (The name $good is therefore rather historical in nature! Those were the days.) Notice that this does not check the port, but only whether SMTP Auth succeeded. That's all we require here. I don't know how to test the port. Notice you must clear $good per message. Since we use it as a per-message global we undef it at the top and then define it (or not), instead of using my. Joseph Brennan Columbia University IT ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang