Re: [Mimedefang] utf-8 issue?
On 12/12/2017 20:03, Dianne Skoll wrote: On Tue, 12 Dec 2017 15:43:14 +0200 Mark Coetser <m...@tux-edo.co.za> wrote: Error from multiplexor: ERR No response from slave Reap: slave 1 (pid 15022) exited normally with status 22 (SLAVE DIED UNEXPECTEDLY) I've never seen this before. I'm also not convinced it's related to the UTF-8 issue. Could you post the exact filter you are using? I'm also running on Stretch, btw. Regards, Dianne. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang filter attached, I am doing some other stuff in there but as I said this filter has been in place for many years and only recently have those errors been occurring... Thank you, Mark Adrian Coetser # -*- Perl -*- #*** # # mimedefang-filter # # Suggested minimum-protection filter for Microsoft Windows clients, plus # SpamAssassin checks if SpamAssassin is installed. # # Copyright (C) 2002 Roaring Penguin Software Inc. # # This program may be distributed under the terms of the GNU General # Public License, Version 2, or (at your option) any later version. # # $Id: mimedefang-filter,v 1.7 2009/10/12 09:49:13 root Exp $ #*** $SALocalTestsOnly = 0; #*** # Set administrator's e-mail address here. The administrator receives # quarantine messages and is listed as the contact for site-wide # MIMEDefang policy. A good example would be 'defang-ad...@mydomain.com' #*** $AdminAddress = 'postmas...@domain.co.za'; $AdminName = "PKF mail firewall"; #*** # Set the e-mail address from which MIMEDefang quarantine warnings and # user notifications appear to come. A good example would be # 'mimedef...@mydomain.com'. Make sure to have an alias for this # address if you want replies to it to work. #*** $DaemonAddress = 'mimedef...@domain.co.za'; $LocalHostName = 'mailhub01'; #*** # If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard # to add warnings directly in the message body (text or html) rather # than adding a separate "WARNING.TXT" MIME part. If the message # has no text or html part, then a separate MIME part is still used. #*** $AddWarningsInline = 0; #*** # To enable syslogging of virus and spam activity, add the following # to the filter: # md_graphdefang_log_enable(); # You may optionally provide a syslogging facility by passing an # argument such as: md_graphdefang_log_enable('local4'); If you do this, be # sure to setup the new syslog facility (probably in /etc/syslog.conf). # An optional second argument causes a line of output to be produced # for each recipient (if it is 1), or only a single summary line # for all recipients (if it is 0.) The default is 1. # Comment this line out to disable logging. #*** md_graphdefang_log_enable('mail', 1); #*** # Uncomment this to block messages with more than 50 parts. This will # *NOT* work unless you're using Roaring Penguin's patched version # of MIME tools, version MIME-tools-5.411a-RP-Patched-02 or later. # # WARNING: DO NOT SET THIS VARIABLE unless you're using at least # MIME-tools-5.411a-RP-Patched-02; otherwise, your filter will fail. #*** # $MaxMIMEParts = 50; #*** # Set various stupid things your mail client does below. #*** # Set the next one if your mail client cannot handle multiple "inline" # parts. $Stupidity{"NoMultipleInlines"} = 0; # Detect and load Perl modules detect_and_load_perl_modules(); # This procedure returns true for entities with bad filenames. sub filter_bad_filename { my($entity) = @_; my($bad_exts, $re); # Bad extensions $bad_exts = '(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|fxp|hlp|hta|hto|inf|ini|ins|isp|jse?|lib|lnk|mdb|mde|msc|msi|msp|mst|ocx|pcd|pif|prg|reg|scr|sct|sh|shb|shs|sys|
[Mimedefang] utf-8 issue?
Hi I have 4 different mail hubs, all running latest debian ii perl 5.24.1-3+deb9u2i386 Larry Wall's Practical Extraction and Report Language ii mimedefang 2.79-2 i386 e-mail filter program for sendmail Recently I am seeing alot of the following errors Error from multiplexor: ERR No response from slave Reap: slave 1 (pid 15022) exited normally with status 22 (SLAVE DIED UNEXPECTEDLY) The above are logged in mail.err and are related to the following in mail.log which rejects the email with a "try again later" message until the email eveentually bounces after 5 days. stderr: open body: Invalid argument at /usr/share/perl5/MIME/Entity.pm line 1878. A google search shows this topic https://lists.roaringpenguin.com/pipermail/mimedefang/2013-February/036880.html But I am not doing anything with MIME::Entity; and the filter is pretty much the stock microsoft mimedefang-filter and this does seem to be related from the upgrade from Debian Jessie to Stretch, does anyone have any pointers? -- Thank you, Mark Adrian Coetser ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] best practices for handling filename extensions
On 05/10/2017 06:41, Michael Fox wrote: I'm looking to understand best practices with regard to rejecting filename extensions. The example provided in /usr/share/doc/mimedefang shows a very long list of extensions to be rejected. I know some hosted mail providers don't allow .exe. It annoys me but I just change the extension and it goes through. And I know that some providers don't allow .zip. So folks using those providers just change it to .piz and it goes through. I presume this is, indeed, a little safer, since the recipient has to take an extra step to change the extension. And, presumably, they would only do that if they knew what they were getting. But I wonder if that's just the appearance of additional security or if it's a true improvement. So, what do the folks here with much more experience than I do, and why? Thanks much, Michael Pretty sure the filetype matching is done by checking the actual mime type of the file not just what the file extension is, so just renaming the file will still not allow the file through. Thank you, Mark Adrian Coetser ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] adding promotional banner to top of email
On 24/06/2017 16:22, Dianne Skoll wrote: On Sat, 24 Jun 2017 10:18:59 -0400 Dianne Skollwrote: You'd need to roll your own. It's non-trivial, given the infinite ways HTML can be malformed. I would also echo the comments of others on the list who have recommended against this. Adding promotional material to emails will quickly get them marked as spam, and if you add it to emails in transit that you did not originate, you could quite possibly be breaking the law. Regards, Dianne. Hi Does anyone have any links to info regarding why this is a bad idea etc, would like to pass this onto the client. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] blocked file types in text file
Hi Ppl I don't know the first thing about perl so please be patient. If I wanted to create a text file with all the blocked filetypes, how would I include that text file in my mimedefang-filter ? Would I be able to do something like sub filter_bad_filename ($) { my($entity) = @_; my($bad_exts, $re); # Bad extensions $bad_exts = '/etc/mail/mimedefang-badexts'; # Do not allow: # - CLSIDs {foobarbaz} # - bad extensions (possibly with trailing dots) at end $re = '\.' . $bad_exts . '\.*$'; return 1 if (re_match($entity, $re)); # Look inside ZIP files if (re_match($entity, '\.zip$') and $Features{Archive::Zip}) { my $bh = $entity-bodyhandle(); if (defined($bh)) { my $path = $bh-path(); if (defined($path)) { return re_match_in_zip_directory($path, $re); } } } return 0; } /etc/mail/mimedefang-badexts ade adp app asd asf asx bas bat chm cmd com cpl crt dll exe fxp hlp hta hto inf ini ins isp jse? lib lnk mdb mde \{[^\}]+\} /etc/mail/mimedefang-badexts Thank you, Mark Adrian Coetser [EMAIL PROTECTED] http://www.tux-edo.co.za, http://www.thummb.com cel: +27 76 527 8789 tel: +27 11 805 2076 fax: +27 11 805 2330 ___ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] quarantine and notify recipient
From my understanding of send_quarantine_notifications is that it only notifies the administrator of the quarantine From the man page send_quarantine_notifications() This function should be called from filter_end. If any parts were quarantined, a quarantine notification is sent to the MIMEDefang administrator. Please note that if you do not call send_quarantine_notifications, then no quarantine notifications are sent. Mark -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Murphy Sent: 26 July 2005 06:48 PM To: mimedefang@lists.roaringpenguin.com Subject: RE: [Mimedefang] quarantine and notify recipient How about send_quarantine_notifications(), which is provided by MIMEDefang? Read the man page for mimedefang-filter for details. Paul. -Original Message- From: Mark Coetser [mailto:[EMAIL PROTECTED] Sent: Tue 26/07/2005 11:30 To: MIMEDefang@lists.roaringpenguin.com Cc: Subject: [Mimedefang] quarantine and notify recipient Hi Ppl I have been searching and reading but cant find anything that allows me to notify the recipient that there email has been quarantined, I have a filter for spam that dumps it into the quarantine directory but I need to notify the recipient that the email has been quarantined ? Thank you, Mark Adrian Coetser [EMAIL PROTECTED], [EMAIL PROTECTED] http://www.bwbtrading.co.za http://www.thummb.com cel: +27 83 296 1199 tel: +27 11 334 7779 ___ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ___ Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang