Re: [Mimedefang] Little help with no checks for AUTH users on 587

[David F. Skoll]

On Sat, 23 Nov 2013 13:38:56 -0600
Ben Kamen bka...@benjammin.net wrote:

   I don't see any of those in my /etc/mail/mimedefang-filter, where
 would I normally see those or do I have to write them?

You'd have to write them, and if you don't need them you don't have to
write them.

Regards,

David.
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[David F. Skoll]

On Sun, 24 Nov 2013 21:24:53 -0700
Mark Costlow che...@swcp.com wrote:

 Is it OK to call read_commands_file() from filter_relay?  When I do, I
 get this error:

Ah, no, sorry.  I forgot... Sendmail does not assign a Queue-ID until
the MAIL FROM: stage.

 I think the man page said it can only be called from filter_sender and
 filter_recipient, but I was hoping I could use it in filter_relay to
 get access to %SendmailMacros.

Unfortunately not.

Regards,

David.
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Ben Kamen]

On 2013-11-25 7:55 AM, David F. Skoll wrote:

On Sat, 23 Nov 2013 13:38:56 -0600
Ben Kamen bka...@benjammin.net wrote:


   I don't see any of those in my /etc/mail/mimedefang-filter, where
would I normally see those or do I have to write them?


You'd have to write them, and if you don't need them you don't have to
write them.


Ok -- I follow.. I just wanted to make sure my default filter wasn't missing 
something.

I'll see what I can come up with - thanks!

 -Ben
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Mark Costlow]

On Fri, Nov 22, 2013 at 03:25:29PM -0500, David F. Skoll wrote:
 On Fri, 22 Nov 2013 14:16:16 -0600
 Ben Kamen bka...@benjammin.net wrote:
 
   Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058:
   Message contains more than one Subject: header:  and then some
   subject line which I removed for this post
 
 You should not call read_commands_file from filter_end.  It should only
 be called from filter_relay, filter_helo, filter_sender or filter_recipient

Is it OK to call read_commands_file() from filter_relay?  When I do, I
get this error:

   mimedefang.pl[6920]: Cannot open COMMANDS file from mimedefang: No such file 
or directory
   mimedefang[6935]: Error from multiplexor: error: Cannot open COMMANDS file 
from mimedefang: No such file or directory

I think the man page said it can only be called from filter_sender and
filter_recipient, but I was hoping I could use it in filter_relay to
get access to %SendmailMacros.

Thanks,

Mark
-- 
Mark Costlow| Southwest Cyberport | Fax:   +1-505-232-7975
che...@swcp.com | Web:   www.swcp.com | Voice: +1-505-232-7992

Mail Minder - Intelligent Push Notifications for Email on the iPhone
http://mailminderapp.com/download  or in the App Store

___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Ben Kamen]

On 2013-11-22 2:25 PM, David F. Skoll wrote:


You should not call read_commands_file from filter_end.  It should only
be called from filter_relay, filter_helo, filter_sender or filter_recipient


Hi David,

 I don't see any of those in my /etc/mail/mimedefang-filter, where would I 
normally see those
or do I have to write them?

Thanks a bunch,

 -Ben

___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Joseph Brennan]

On Thu, 21 Nov 2013, Ben Kamen wrote:


I need a little quick help -- in my mimedefang milter, what can I put in
to bypass checking emails being relayed by my server submitted on 587 by
authorized users??



We have this near the top:

   undef $good;

   # SMTP Authentication 


   if (defined $SendmailMacros{auth_type}) {
   $good = 1;
   }

And then later for any routine we can test $good. Because of stolen 
(phished) passwords we don't exempt smtp auth mail -- we just treat it a 
little differently. Some checks are skipped and there are special checks 
only for smtp auth mail. (The name $good is therefore rather historical in 
nature! Those were the days.)


Notice that this does not check the port, but only whether SMTP Auth 
succeeded. That's all we require here. I don't know how to test the port.


Notice you must clear $good per message. Since we use it as a per-message 
global we undef it at the top and then define it (or not), instead of using 
my.


Joseph Brennan
Columbia University IT




___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Ben Kamen]

Thanks for all the replies...

I don't actually need to worry about port number -- 465 or 587... as long as 
the user has
authenticated, that's what I'm chasing after.

For Steffen,

 I'm looking in /etc/mail/mimedefang-filter and don't see filter_recipient or 
filter_sender.
(I'm on mimedefang 2.74 as packaged up on EPEL running on CentOS)

So to all (Like Joseph) , it looks like I can add this to filter_end near/at 
the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as described in the 
following emails. Yes?

Thanks,

 -Ben
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Joseph Brennan]

Ben Kamen bka...@benjammin.net wrote:



So to all (Like Joseph) , it looks like I can add this to filter_end
near/at the top -- returning the ACCEPT_AND_NO_MORE_FILTERING as
described in the following emails. Yes?


Just put it in before you do any action_bounce

Joseph Brennan
Columbia University I T



___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Ben Kamen]

On 2013-11-22 12:52 PM, Joseph Brennan wrote:

Ben Kamen bka...@benjammin.net wrote:

Just put it in before you do any action_bounce

Joseph Brennan


Got it -- thanks!


  -ben
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Ben Kamen]

On 2013-11-22 1:09 PM, Ben Kamen wrote:

On 2013-11-22 12:52 PM, Joseph Brennan wrote:

Ben Kamen bka...@benjammin.net wrote:

Just put it in before you do any action_bounce

Joseph Brennan


Got it -- thanks!


Erm, I don't think that quite worked.

In my /etc/mail/mimedefang-filter, I have:


sub filter_end {
my($entity) = @_;

read_commands_file();
if ( defined($SendmailMacros{'auth_type'})) {
return ('ACCEPT_AND_NO_MORE_FILTERING', ok);
}


And now mimedefang still runs, but I get this in the log files...


Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058: Message contains more 
than one Subject: header:  and then some subject line which I removed for this 
post




 -Ben
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[David F. Skoll]

On Fri, 22 Nov 2013 14:16:16 -0600
Ben Kamen bka...@benjammin.net wrote:

  Nov 22 13:43:22 cornelius mimedefang.pl[11099]: rAMJhIGv015058:
  Message contains more than one Subject: header:  and then some
  subject line which I removed for this post

You should not call read_commands_file from filter_end.  It should only
be called from filter_relay, filter_helo, filter_sender or filter_recipient

Regards,

David.
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Re: [Mimedefang] Little help with no checks for AUTH users on 587

[Steffen Kaiser]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, 21 Nov 2013, Ben Kamen wrote:


I need a little quick help -- in my mimedefang milter, what can I put in to
bypass checking emails being relayed by my server submitted on 587 by 
authorized users??


Check out %SendmailMacros, in filter_recipient and filter_sender you need 
to call read_commands_file() first.


Add a test [ for existance usually do ] at the right spot [usually almost 
at the top] in your filter functions.


There is a return code of ACCEPT_AND_NO_MORE_FILTERING, which should 
replace the explicit test in each function.


- -- 
Steffen Kaiser

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)

iQEVAwUBUo8Kt58mjdm1m0FfAQJddAgAoURaI91yVCMgDLl1nEY0Ztn4uRkwDoP4
luoEnQPxKC2WhIEEJ311yzszcsbEHPxDm/KVYAvG5izL7toHkrOCYkce+dYdU3D8
1dlbwMl7kQzgeuROmU861H9LlyOpi13hsV/KGET5q7QRDz/kzDt4kSv3mUH1EQLP
7s/NK2rVvnFuNth+KDQ6B1zNzz3nH73ln8/UfBS9YmP/P5Ij1I2iB7SncNFywnaK
Ae9SSSOao8PDBdg+IK70ZRLnqB2ozgpNzJljDKze6rFBBafvfKL+IDbPIWcgjeHg
Cml2HmTLENZ2ApIxycQF0VN2ypc91tKQv9v6B3+Wfn/mTeXMI9ZGkg==
=Z5GE
-END PGP SIGNATURE-
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang