Re: [Mimedefang] Little help with no checks for AUTH users on 587
On Fri, 22 Nov 2013 14:16:16 -0600 Ben Kamen wrote: > > Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058: > > Message contains more than one Subject: header: > subject line which I removed for this post> You should not call read_commands_file from filter_end. It should only be called from filter_relay, filter_helo, filter_sender or filter_recipient Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On 2013-11-22 1:09 PM, Ben Kamen wrote:
On 2013-11-22 12:52 PM, Joseph Brennan wrote:
Ben Kamen wrote:
Just put it in before you do any action_bounce
Joseph Brennan
Got it -- thanks!
Erm, I don't think that quite worked.
In my /etc/mail/mimedefang-filter, I have:
sub filter_end {
my($entity) = @_;
read_commands_file();
if ( defined($SendmailMacros{'auth_type'})) {
return ('ACCEPT_AND_NO_MORE_FILTERING', "ok");
}
And now mimedefang still runs, but I get this in the log files...
Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058: Message contains more
than one Subject: header:
-Ben
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On 2013-11-22 12:52 PM, Joseph Brennan wrote: Ben Kamen wrote: Just put it in before you do any action_bounce Joseph Brennan Got it -- thanks! -ben ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
Ben Kamen wrote: So to all (Like Joseph) , it looks like I can add this to filter_end near/at the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as described in the following emails. Yes? Just put it in before you do any action_bounce Joseph Brennan Columbia University I T ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
Thanks for all the replies... I don't actually need to worry about "port number" -- 465 or 587... as long as the user has authenticated, that's what I'm chasing after. For Steffen, I'm looking in /etc/mail/mimedefang-filter and don't see filter_recipient or filter_sender. (I'm on mimedefang 2.74 as packaged up on EPEL running on CentOS) So to all (Like Joseph) , it looks like I can add this to filter_end near/at the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as described in the following emails. Yes? Thanks, -Ben ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
But don't you need the "read_commands_file();" before hand or is that
not need any longer?
read_commands_file();
if ( defined($SendmailMacros{'auth_type'})) {
$good = 1;
}
Cheers,
Andrew
On 11/22/13 14:05, Joseph Brennan wrote:
On Thu, 21 Nov 2013, Ben Kamen wrote:
I need a little quick help -- in my mimedefang milter, what can I put in
to bypass checking emails being relayed by my server submitted on 587 by
authorized users??
We have this near the top:
undef $good;
# SMTP Authentication
if (defined $SendmailMacros{"auth_type"}) {
$good = 1;
}
And then later for any routine we can test $good. Because of stolen
(phished) passwords we don't exempt smtp auth mail -- we just treat it a
little differently. Some checks are skipped and there are special checks
only for smtp auth mail. (The name $good is therefore rather historical
in nature! Those were the days.)
Notice that this does not check the port, but only whether SMTP Auth
succeeded. That's all we require here. I don't know how to test the port.
Notice you must clear $good per message. Since we use it as a
per-message global we undef it at the top and then define it (or not),
instead of using my.
Joseph Brennan
Columbia University IT
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
--
Andrew Watkins * Birkbeck, University of London * Computer Science *
* UKOUG Solaris SIG Co-Chair *
http://notallmicrosoft.blogspot.com/
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Little help with no checks for AUTH users on 587
On Thu, 21 Nov 2013, Ben Kamen wrote:
I need a little quick help -- in my mimedefang milter, what can I put in
to bypass checking emails being relayed by my server submitted on 587 by
authorized users??
We have this near the top:
undef $good;
# SMTP Authentication
if (defined $SendmailMacros{"auth_type"}) {
$good = 1;
}
And then later for any routine we can test $good. Because of stolen
(phished) passwords we don't exempt smtp auth mail -- we just treat it a
little differently. Some checks are skipped and there are special checks
only for smtp auth mail. (The name $good is therefore rather historical in
nature! Those were the days.)
Notice that this does not check the port, but only whether SMTP Auth
succeeded. That's all we require here. I don't know how to test the port.
Notice you must clear $good per message. Since we use it as a per-message
global we undef it at the top and then define it (or not), instead of using
my.
Joseph Brennan
Columbia University IT
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
