[Mimedefang] action_change_header

Hey If I use action_change_header in the begining of the filter_begin, will the header I add/change be readable later on? I noted the action_rebuild so my guess would be yes, but i just need to be sure before I go any futher on this path :) Thanks. Med venlig hilsen Thomas Kristensen

[Mimedefang] MIMEDefang 2.84 is Released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, everyone, A really minor release is available at https://mimedefang.org/download Release notes are below, Regards, Dianne. 2018-03-21 Dianne Skoll * MIMEDefang 2.84 RELEASED * mimedefang.pl:

Re: [Mimedefang] DKIM and boilerplate conflict

Thank you Dianne so much for the information as I was looking at an older version of the man page which only had four steps in the calling sequence. Thanks to you and all who have helped develop such an elegant framework. -Randy ___ NOTE: If there is

Re: [Mimedefang] DKIM and boilerplate conflict

On 02/22/2018 09:16 PM, Randy Candy wrote: >     my $signature = $dkim->signature()->as_string(); >     $signature =~ s/^DKIM-Signature:\s+//i; >     action_add_header('DKIM-Signature', $signature); On a related note... I just implement DKIM signing a few days

Re: [Mimedefang] DKIM and boilerplate conflict

On Fri, 23 Feb 2018 04:16:40 +0100 "Randy Candy" wrote: > I have implemented the following subroutine dkim_sign (listed below) > and call it from filter_end after I verify that specific criteria are > met. Prior to calling dkim_sign I utilize append_text_boilerplate > and then

[Mimedefang] DKIM and boilerplate conflict

Hello,   I have implemented the following subroutine dkim_sign (listed below) and call it from filter_end after I verify that specific criteria are met.  Prior to calling dkim_sign I utilize append_text_boilerplate and then call action_rebuild.    My question is how do I pass the email with

[Mimedefang] mimedefang vs spamassassin

Hello guys, i'm using mimedefang with spamassasin, when I directly test an email with the command "spamassain -t file.eml", I got results like this: Dails de l'analyse du message: (-5.8 points, 3.0 requis) -5.0 RCVD_IN_DNSWL_HI RBL: Sender listed at http://www.dnswl.org/, high

Re: [Mimedefang] action_drop_with_warning called outside of filter context

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2018/02/21 8:13 AM, saqariden wrote: > We are running mimedefang with Spamassassin and Clamav to secure > our mailling server. but actually, i have a probleme with > mimedefang-filter. the following error appear when a virus is > detected: > >

[Mimedefang] action_drop_with_warning called outside of filter context

Hello, We are running mimedefang with Spamassassin and Clamav to secure our mailling server. but actually, i have a probleme with mimedefang-filter. the following error appear when a virus is detected: mimedefang.pl[10245]: w1K87JOB027594: Detected virus PUA.Win.Trojan.EmbeddedPDF-1

Re: [Mimedefang] Postfix: How to run the milter BEFORE reject_unverified_recipient

Benoit Panizzon: > Hi Wietse > > > Not possible. The Milter protocol implements the 'change sender' > > feature AFTER the entire message is received. That is long > > after the MAIL FROM and RCPT TO commands. > > Ok, so if you activate reject_unverified_recipient it's not possible to > tell

Re: [Mimedefang] Postfix: How to run the milter BEFORE reject_unverified_recipient

Hi Wietse > Not possible. The Milter protocol implements the 'change sender' > feature AFTER the entire message is received. That is long > after the MAIL FROM and RCPT TO commands. Ok, so if you activate reject_unverified_recipient it's not possible to tell postfix not to call this function for

[Mimedefang] Postfix: How to run the milter BEFORE reject_unverified_recipient

Dear Lists (sorry for the xpost). I have a milter which performs SRS Signing in case of forwarded emails and SRS Verification of bounces. This worked quite well, until we configured our mail plattform to also relay emails for other domains and thus activated reject_unverified_recipient to

Re: [Mimedefang] Cant reload filter

Hi Thomas, that's the embedded perl option if my memory is correct You can turn that option off and you can then reread. The multiplexer design is very elegant so I don't think it provides a huge benefit but I use code that calls spamd without spamd in the md child. I think it has some

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

Chip wrote: So I'm trying to ascertain the real value of jumping ship from the filtering capabilities of SpamAssassin (which can use regex expressions) to a .procmail/perl module hybrid. They're tools for different types of mail filtering. You can't really replace one with the other.

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

On 10 Jan 2018, at 11:05, Dianne Skoll wrote: > Isn't procmail no longer maintained because of a vulneravblity? > > > I believe it's still maintained. Nope. See https://marc.info/?l=openbsd-ports=141634350915839=2 ___ NOTE: If there is a disclaimer or

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

So I'm trying to ascertain the real value of jumping ship from the filtering capabilities of SpamAssassin (which can use regex expressions) to a .procmail/perl module hybrid. Whereas SpamAssassin is already built into Cpanel/WHM and is opeartional and I have minimally tested it to approval, the

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

On Wed, 10 Jan 2018 11:20:50 -0500 Chip wrote: > Are you saying that you are not actually using .procmail except to > offload the processing to mail-filter.pl? Yes, exactly. Regards, Dianne. ___ NOTE: If there is a disclaimer

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

On Wed, 10 Jan 2018 09:50:18 -0500 Chip wrote: > Isn't procmail no longer maintained because of a vulneravblity? I believe it's still maintained. However, procmail sucks (that's a technical term.) My .procmailrc looks like this: :0 | /usr/bin/perl

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

A couple of thoughts on this: Isn't procmail no longer maintained because of a vulneravblity? Doesn't SpamAssassin change subject lines? On 01/10/2018 01:36 AM, Steffen Kaiser wrote: > On Tue, 9 Jan 2018, Kris Deugau wrote: > > > Chip wrote: > >> Newbie excited to use the features of

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 9 Jan 2018, Kris Deugau wrote: Chip wrote: Newbie excited to use the features of mimedefang for a new project that needs to flag inbound email for sorting into folders  (this can be done via cpanel-level filtering) based on keywords in

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

Hi, As far as I'm aware, cPanel *requires* you to use the Exim MTA, and MIMEDefang is not compatible with Exim. There is therefore no way to install MIMEDefang on a machine running cPanel. You need a different strategy. Maybe a commercial spam-filtering service, which we do offer. :)

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

Cpanel with Exim supports rudimentary filters - that's the rub. They are very rudimentary.  They can sort inbound email into specific folders based headers, but unable (as far as I know) to sort based on a dkim status.  That's what I need - to place dkim failed signatures into one folder, passed

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

ls -l /usr/sbin shows: -rwxr-sr-x  1 root mailtrap    12039 Nov 29 19:47 sendmail  that's all ls -l shows.  Can't see a sym link here. the "sendmail" word is highlighted in yellow, though, for what that is worth. On 01/09/2018 12:16 PM, Joseph Brennan wrote: >> Running "rpm -q sendmail postfix

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

Chip wrote: Newbie excited to use the features of mimedefang for a new project that needs to flag inbound email for sorting into folders  (this can be done via cpanel-level filtering) based on keywords in headers. MIMEDefang would be a powerful point of access, but it's not very

Re: [Mimedefang] cpanel whm centos 6.9 flag on header keywords?

> Running "rpm -q sendmail postfix exim" show sendmail is not installed > yet there is a sendmail binary in /usr/sbin/sendmail. No sendmail.mc > anywhere in system. SpamAssassin version 3.4.1 running on Perl version > 5.10.1. Using "ls -l" you will find that /usr/sbin/sendmail is a symlink to

[Mimedefang] cpanel whm centos 6.9 flag on header keywords?

Newbie excited to use the features of mimedefang for a new project that needs to flag inbound email for sorting into folders  (this can be done via cpanel-level filtering) based on keywords in headers. This is a Centos 6.9 machine running cpanel/WHM 11.68.0.23. Running "rpm -q sendmail postfix

Re: [Mimedefang] typo in hour_str()?

On Tue, 26 Dec 2017 00:59:23 +0100 Franz Schwartau wrote: > After upgrading to 2.83 of mimedefang I'm wondering if "$min+1" should > read "$mon+1" in hour_str(): It should; I have it fixed in git, but haven't made a new release of MIMEDefang with the fix in place yet.

[Mimedefang] typo in hour_str()?

Merry Christmas! After upgrading to 2.83 of mimedefang I'm wondering if "$min+1" should read "$mon+1" in hour_str(): sub hour_str { my($sec, $min, $hour, $mday, $mon, $year, $junk); ($sec, $min, $hour, $mday, $mon, $year, $junk) = localtime(time()); return

Re: [Mimedefang] utf-8 issue?

On Thu, 14 Dec 2017 17:26:38 -0500 "Bill Cole" wrote: > > This will cause other problems down the line. I suggest you > > study the section "Byte and Character Semantics" in the perlunicode > > man page. > Thanks for the reference and for your patience

Re: [Mimedefang] utf-8 issue?

On 14 Dec 2017, at 9:14 (-0500), Dianne Skoll wrote: On Wed, 13 Dec 2017 20:37:36 -0500 "Bill Cole" wrote: -return IO::File->new(\ $self->{MBS_Data}, $mode); +return IO::Scalar->new(\ $self->{MBS_Data}, $mode); This will cause other problems

Re: [Mimedefang] Is calling action_rebuild() idempotent?

On Thu, 14 Dec 2017 08:52:32 -0800 Amit Gupta wrote: > If I call action_rebuild() a couple times in my filter_end code, could > it have different effects depending on when it's called? Nope. All it does is set a flag informing mimedefang.pl it should rebuild the message when

[Mimedefang] Is calling action_rebuild() idempotent?

If I call action_rebuild() a couple times in my filter_end code, could it have different effects depending on when it's called? ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it.

Re: [Mimedefang] utf-8 issue?

On Wed, 13 Dec 2017 20:37:36 -0500 "Bill Cole" wrote: > -return IO::File->new(\ $self->{MBS_Data}, $mode); > +return IO::Scalar->new(\ $self->{MBS_Data}, $mode); This will cause other problems down the line. I suggest you study the section "Byte

Re: [Mimedefang] utf-8 issue?

On Wed, 13 Dec 2017 21:03:27 -0500 "Bill Cole" wrote: > It is entirely possible (as stated explicitly in RFC2045) for a MIME > entity to contain unencoded binary data: any arbitrary stream of > bytes. Stream of *bytes* yes. But Perl native characters >

Re: [Mimedefang] utf-8 issue?

On 13 Dec 2017, at 16:39, Dianne Skoll wrote: It doesn't make sense because MIME messages are alway 8-bit messages; you need to encode everything as UTF-8 first before passing to MIME::Entity->build(). Re-reading that, I disagree. It is entirely possible (as stated explicitly in RFC2045)

Re: [Mimedefang] utf-8 issue?

On 13 Dec 2017, at 16:39, Dianne Skoll wrote: On Wed, 13 Dec 2017 16:28:58 -0500 "Bill Cole" wrote: Unfortunately, I tested a bit more and found that bug is still extant in 5.509, when tested with the one-liner in that bug report. That "bug" is a

Re: [Mimedefang] utf-8 issue?

On Wed, 13 Dec 2017 16:28:58 -0500 "Bill Cole" wrote: > Unfortunately, I tested a bit more and found that bug is still extant > in 5.509, when tested with the one-liner in that bug report. That "bug" is a WONTFIX. You can NOT feed MIME::Entity->build()

Re: [Mimedefang] utf-8 issue?

On 13 Dec 2017, at 2:31, Mark Coetser wrote: On 13/12/2017 00:09, Bill Cole wrote: [...] I'd bet this is the same as this bug: https://rt.cpan.org/Public/Bug/Display.html?id=105377 Which remains open but maybe not unfixed. and the filter is pretty much the stock microsoft mimedefang-filter

Re: [Mimedefang] utf-8 issue?

On 12/12/2017 20:03, Dianne Skoll wrote: On Tue, 12 Dec 2017 15:43:14 +0200 Mark Coetser wrote: Error from multiplexor: ERR No response from slave Reap: slave 1 (pid 15022) exited normally with status 22 (SLAVE DIED UNEXPECTEDLY) I've never seen this before. I'm also

Re: [Mimedefang] delete part best practice

On 12 Dec 2017, at 19:03 (-0500), Amit Gupta wrote: Given a parent entity and child entity, what's the best way to delete the child entity? I see code that clears all parts for an entity and then selectively adds them back in. I would like to scan through and selectively remove instead. See

[Mimedefang] delete part best practice

Given a parent entity and child entity, what's the best way to delete the child entity? I see code that clears all parts for an entity and then selectively adds them back in. I would like to scan through and selectively remove instead. ___ NOTE: If

Re: [Mimedefang] utf-8 issue?

On 12 Dec 2017, at 8:43 (-0500), Mark Coetser wrote: Hi I have 4 different mail hubs, all running latest debian ii perl 5.24.1-3+deb9u2i386 Larry Wall's Practical Extraction and Report Language ii mimedefang 2.79-2

Re: [Mimedefang] utf-8 issue?

On Tue, 12 Dec 2017 15:43:14 +0200 Mark Coetser wrote: > Error from multiplexor: ERR No response from slave > Reap: slave 1 (pid 15022) exited normally with status 22 (SLAVE DIED > UNEXPECTEDLY) I've never seen this before. I'm also not convinced it's related to the UTF-8

[Mimedefang] utf-8 issue?

Hi I have 4 different mail hubs, all running latest debian ii perl 5.24.1-3+deb9u2i386 Larry Wall's Practical Extraction and Report Language ii mimedefang 2.79-2 i386 e-mail filter program for

Re: [Mimedefang] REVISED: postfix/mimedefang socket

I ran into a problem with my systemd units for MIMEDefang. There is a race condition between mimedefang-multiplexor creating the socket and mimedefang trying to access it. If the multiplexor doesn't create the socket in time, mimedefang fails on startup. This is happening because Type=simple

[Mimedefang] mimedefang not locating clamd running

Hello folks, Been using mimedefang for ages with clamav, but I just noticed that mimedefang is not using clamd but only clamscan. Problem is I am not sure what I am doing wrong: - Installed clamav and clamd is running since it created the socket! # ls -ld /var/spool/MIMEDefang/clamd.sock

Re: [Mimedefang] mailsploit prevention in MD

On Wed, 6 Dec 2017 01:37:39 +0100 Jan-Pieter Cornet wrote: > Another bug with it's own logo and website has appeared: > www.mailsploit.com. Interesting. The code-injection part is worrying, but IMO the spoofing part is completely uninteresting. There are so many ways to fool

Re: [Mimedefang] mailsploit prevention in MD

On 12/5/2017 7:37 PM, Jan-Pieter Cornet wrote: Another bug with it's own logo and website has appeared: www.mailsploit.com. In the same vein and somewhat off-topic from an MD solution, here's a solution via Apache SpamAssassin that I'm soliciting feedback regarding on the SA users mailing

[Mimedefang] mailsploit prevention in MD

Another bug with it's own logo and website has appeared: www.mailsploit.com. This targets MUAs. It abuses RFC2047 MIME encoding of headers to insert NUL characters. The mails are relatively easy to stop using mimedefang. I've just rolled it out on our platform. Boilerplate code (completely

[Mimedefang] replacing body

Sorry if this is a dumb question from a Perl newbie. Still learning. Previously, Dianne provided some pseudo-code for use in filter_end to recursively traverse the MIME tree and rebuild it. I didn't forget that. But for someone new to MIMEDefang and Perl, and for my first version of the

Re: [Mimedefang] Error with mimedefang + clamd

@Dianne You are absolutely correct, in the sense that everything works now even without the -d switch. Nothing else has changed within the server regarding its configuration, I'm pretty sure about it. I agree that the invocation including the -d switch may not be the solution to the issue,

Re: [Mimedefang] Error with mimedefang + clamd

On Fri, 24 Nov 2017 15:53:44 +0200 "Info @ brainwash" wrote: > Hence, without the -d parameter, the issue is that the work folders > are removed before clamd has a chance to scan them. No, that is absolutely NOT the case. Something else has changed on your system in the

Re: [Mimedefang] Error with mimedefang + clamd

@Paul: With clamd scanning disabled, mimedefang scans for spam using spamassassin and adds the relevant headers into the e-mail messages. With the -d option, MIMEDefang does create work folders, e.g. : drwxr-x--- 4 defang defang 4096 Nov 24 14:12 mdefang-UBMc800 drwxr-x--- 2 defang defang 4096

Re: [Mimedefang] Error with mimedefang + clamd

> I started mimedefang with the -D option, as indicated. However, no working > directories within /var/spool/MIMEDefang/ > were created and, as a result, I get in maillog (again): > >clamd: WARNING: lstat() failed on: /var/spool/MIMEDefang/mdefang-UBKLc00/Work Did you check that MIMEDefang was

Re: [Mimedefang] Error with mimedefang + clamd

@Paul Thank you for your time taken to compile the list of steps regarding this issue. Results.. (1): /var/spool/MIMEDefang has the following permissions after Dianne's recommendations: drwxr-s--- 4 defang defang 4096 MIMEDefang I started mimedefang with the -D option, as indicated.

Re: [Mimedefang] Error with mimedefang + clamd

If your policy permits it, the next steps I would take would be: 1. Enable the "-D" option in MIMEDefang to leave the spool directories in place after scanning, so that you have an example to work with. Restart MIMEDefang to make this active. You only need to have this enabled until you

Re: [Mimedefang] Error with mimedefang + clamd

@Richard: Apparmor is not installed.. SELinux has been disabled.. -Original Message- From: Richard Laager [mailto:rlaa...@wiktel.com] Sent: Friday, November 24, 2017 12:00 PM To: Info @ brainwash Cc: mimedefang@lists.roaringpenguin.com Subject: Re: [Mimedefang] Error

Re: [Mimedefang] Error with mimedefang + clamd

Does your system have apparmor or SELinux that could be blocking access separately from filesystem permissions? -- Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it.

Re: [Mimedefang] Error with mimedefang + clamd

@Paul/Dianne Output of the command you asked for: 8510 clamscan clamscan /usr/bin/freshclam -d -c 4 9697 clamscan clamscan /usr/sbin/clamd -c /etc/clamd.d/scan.conf 15710 root root /bin/bash /usr/share/clamav/freshclam-sleep Regarding clamav config, yes.. AllowSupplementaryGroups in

Re: [Mimedefang] Error with mimedefang + clamd

Also, you probably need to set AllowSupplementaryGroups in your clamd.conf file: AllowSupplementaryGroups BOOL Initialize a supplementary group access (the process must be started by root). Default: no Paul.

Re: [Mimedefang] Error with mimedefang + clamd

Hi, > Actually, user is clamscan.. Did you restart ClamAV after adding clamscan to the defang group? And did you ensure that AllowSupplementaryGroups in clamd.conf is set to "yes" ? Regards, Dianne. ___ NOTE: If there is a disclaimer or other legal

Re: [Mimedefang] Error with mimedefang + clamd

Also, please post the output from: ps -eo pid,group,user,args |grep clam Paul. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org

Re: [Mimedefang] Error with mimedefang + clamd

Actually, user is clamscan.. Output of the commands you asked for: uid=996(clamscan) gid=992(clamscan) groups=992(clamscan),993(virusgroup),984(defang),983(clamilt) & dr-xr-xr-x. 18 root root 4096 Nov 20 20:02 / drwxr-xr-x. 28 root root 4096 Nov 17 14:39 /var drwxr-xr-x. 14 root

Re: [Mimedefang] Error with mimedefang + clamd

On Thu, 23 Nov 2017 20:36:50 +0200 "Info @ brainwash" wrote: > Tried the commands you mention.. to no effect however.. :( Please post the output of these commands: id clamav ls -ld / /var /var/spool /var/spool/MIMEDefang/ Regards, Dianne.

Re: [Mimedefang] Error with mimedefang + clamd

Hi Dianne, Thank you for the swift reply. Tried the commands you mention.. to no effect however.. :( Still @ maillog: mimedefang.pl[25993]: B8D39D49: Clamd returned error: lstat() failed: Permission denied. mimedefang.pl[25993]: B8D39D49: Problem running virus scanner: code=999,

Re: [Mimedefang] Error with mimedefang + clamd

On Thu, 23 Nov 2017 14:25:28 +0200 "Info @ brainwash" wrote: > mimedefang with the -G option and have the clamav user as member of > the defang group. In particular, the startup parameters of both [...] > .. and I get the issues with the Work files creation as initially >

Re: [Mimedefang] Error with mimedefang + clamd

Hello Dianne & Bill, Thank you both for your replies.. @Dianne: I have already tested your recommendation, i.e. run mimedefang with the -G option and have the clamav user as member of the defang group. In particular, the startup parameters of both services are: /usr/bin/mimedefang -P

Re: [Mimedefang] score USER_IN_WHITELIST_TO

On 22 Nov 2017, at 16:39 (-0500), Kris Deugau wrote: [...] Right, sorry, I forgot about those kind of cases (even in the man page IIRC). I've always excluded those by just not passing their mail to SA - either because of some magic in my MIMEDefang setup, or by disabling the call to SA at

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Marcus Schopen wrote: Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole: On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO it's a crude hack to work around cases where whatever is calling SA can't use the SA

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Am Dienstag, den 21.11.2017, 10:32 -0500 schrieb Bill Cole: > On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: > > > USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO > > it's a crude hack to work around cases where whatever is calling SA > > can't use the SA userprefs

Re: [Mimedefang] Error with mimedefang + clamd

On 22 Nov 2017, at 10:11 (-0500), Info @ brainwash wrote: /var/spool/MIMEDefang/ directory has rights 0766 and belongs to user defang:defang (it is been reset to these values every time the mimedefang service restarts or the server reboots). Dianne has already given the proper solution but

Re: [Mimedefang] Error with mimedefang + clamd

Hi, You should either add the ClamAV user to the "defang" group and use the "-G" option to have mimedefang create group-accessible files, or simply run clamd as the "defang" user directly. Regards, Dianne. > Clam has been unable to scan for e-mails when received by MIMEDefang, > producing the

[Mimedefang] Error with mimedefang + clamd

Hello, I have installed MIMEDefang 2.8.3 from the EPEL repository on a Centos 7-4.1708.el7.centos.x86_64 VM. I have also installed CLAMAV as clamd (daemon - v0.99.2/24063) under user clamscan and I have also configured clamav-milter to integrate it with Postfix. All of them run successfully. I

Re: [Mimedefang] score USER_IN_WHITELIST_TO

On 20 Nov 2017, at 16:41 (-0500), Kris Deugau wrote: USER_IN_WHITELIST_TO applies to all mail for a given recipient; IMO it's a crude hack to work around cases where whatever is calling SA can't use the SA userprefs system to just change the threshold instead. It is very useful for

Re: [Mimedefang] score USER_IN_WHITELIST_TO

Marcus Schopen wrote: Hi, setting whitelist_to in sa-mimedefang.cf seems to hit score USER_IN_WHITELIST_TO -6.0 # they want some spam spamassassin score, so the score is reduced by a value of 6.0. How do I hit the -100 score score USER_IN_WHITELIST-100.0

[Mimedefang] score USER_IN_WHITELIST_TO

Hi, setting whitelist_to in sa-mimedefang.cf seems to hit score USER_IN_WHITELIST_TO -6.0 # they want some spam spamassassin score, so the score is reduced by a value of 6.0. How do I hit the -100 score score USER_IN_WHITELIST-100.0 using

Re: [Mimedefang] Quarantine directory name incorrect

On Sun, 19 Nov 2017 10:39:56 +1100 Bill Maidment wrote: > In recent times I have noticed that the quarantine directory name has > been generated incorrectly using the minute value instead of the > month value. The problem appears to be in mimedefang.pl subroutine > hour_str

[Mimedefang] Quarantine directory name incorrect

Hi In recent times I have noticed that the quarantine directory name has been generated incorrectly using the minute value instead of the month value. The problem appears to be in mimedefang.pl subroutine hour_str where it returns $min+1 instead of $mon+1 Cheers Bill Maidment

Re: [Mimedefang] replace_entire_message() help

On Fri, 17 Nov 2017 08:34:50 -0800 "Michael Fox" wrote: > In other words, if the top-level headers can't be replaced by new > values in the MIME::Entity->build() method, then why do I still need > to include them when building the new entity? Ah, I guess you don't. But I'd do

Re: [Mimedefang] replace_entire_message() help

> > 1) When building $new_entity, does every field need to be included? > > Yes. > > 2) I can't figure out how to replace the Subject header - even with a > > string literal. For example, suppose I have the following in > > filter_end(): > > You can't replace top-level headers this way. You

Re: [Mimedefang] replace_entire_message() help

On Fri, 17 Nov 2017 07:46:00 -0800 "Michael Fox" wrote: > 1) When building $new_entity, does every field need to be included? Yes. > Or will extra info be copied from the existing $entity? No, unless you arrange for that in your code. > 2) I can't figure out how to replace

[Mimedefang] replace_entire_message() help

I need some help with the replace_entire_message() function. Apologies in advance if the problem is my novice perl knowledge. Assume $entity is the existing entity and $new_entity is the newly built entity. 1) When building $new_entity, does every field need to be included? Or will extra info

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

On Fri, 10 Nov 2017 18:44:20 -0500 Robert Theisen wrote: > Did you find anything of concern in the mimedefang process on your > host that was consuming 8GB RAM? No, and here's the weird thing. I attached using gdb and forced a core dump. The core file was only 98MB in

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

Did you find anything of concern in the mimedefang process on your host that was consuming 8GB RAM? ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

sendmail-milter-8.14.7-5.el7.x86_64 [ext-mx09] [10:31:02 PM] [root@ext-mx09 tmp]# rpm -qa | grep milter sendmail-milter-8.14.7-5.el7.x86_64 [ext-mx09] [10:31:10 PM] [root@ext-mx09 tmp]# rpm -ql sendmail-milter /usr/lib64/libmilter.so.1.0 /usr/lib64/libmilter.so.1.0.1

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

On Fri, 10 Nov 2017 13:18:15 -0500 Robert Theisen wrote: > { > struct privdata *data; > char *val; > char buf[256]; > if (*macro && *(macro+1)) { > /* Longer than 1 char -- use curlies */ > snprintf(buf, sizeof(buf), "{%s}", macro); >

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

Hi again, What version of libmilter are you linking against? There was a memory leak in libmilter in versions older then 8.14.4. https://groups.google.com/forum/#!topic/linux.debian.bugs.dist/I3QpUbpdwSM Regards, Dianne. ___ NOTE: If there is a

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

Something that might help. I noticed that the format of the string in memory is ... _ {auth_authen} {auth_author} {auth_ssf} {auth_type} {cert_issuer} {cert_subject} {cipher} {cipher_bits} {daemon_name} {daemon_port} i {if_addr} {if_name} j {mail_addr} {mail_host} {mail_mailer} {tls_version}

Re: [Mimedefang] Mimedefang with postfix. Process memory usage over time.

On Fri, 10 Nov 2017 10:33:10 -0500 Robert Theisen wrote: [snip] > and that macro gets copied to dbuf at line 952 > > /* Write the standard macros */ > macro = StandardSendmailMacros; > while (*macro) { > append_macro_value(, ctx, *macro); >

[Mimedefang] Mimedefang with postfix. Process memory usage over time.

We have an environment with postfix-2.10.1-6.el7.x86_64 and mimedefang-2.78-6.el7.x86_64 . Postfix is configured to interact with mimedefang via smtpd_milters = unix:/var/spool/MIMEDefang/mimedefang.sock [root@ext-mx02 ~]# uname -a Linux ext-mx02 3.10.0-514.21.2.el7.x86_64 #1 SMP Sun May 28

Re: [Mimedefang] How-to: Extracting Inline Images from Emails?

On 11/9/2017 9:11 AM, Dianne Skoll wrote: Inline attachments are not special; they're just like regular attachments except they have a Content-Disposition: of inline and quite likely have a Content-ID: header. Ahh, thanks! ___ NOTE: If there is a

Re: [Mimedefang] How-to: Extracting Inline Images from Emails?

On Wed, 8 Nov 2017 18:49:01 -0500 "Kevin A. McGrail" wrote: > I'm trying to rip out attachments that are inline as well as > attachments from emails. Inline attachments are not special; they're just like regular attachments except they have a Content-Disposition: of inline

[Mimedefang] How-to: Extracting Inline Images from Emails?

Hi All, I'm trying to rip out attachments that are inline as well as attachments from emails. Anyone have any pointers for that in MD so I don't reinvent the wheel? Regards, KAM ___ NOTE: If there is a disclaimer or other legal boilerplate in the

[Mimedefang] bad_exts in zip files

Dear All, Mimedefang version: 2.79 In file "mimedefang-filter" there are several extensions listed in $bad_exts They are all caught if such a file is sent as attachment and moved to a quarantine directory. There is also the feature "Archive::Zip" If such a file with a bad extension is

Re: [Mimedefang] Part’s parent content-type

On November 4, 2017 9:25:20 PM EDT, Amit Gupta wrote: >Thank you Dianne! This is going to sound silly, but what I'm looking >for is a function like >$parent_part = get_parent ($top_entity, $part); No such function exists. That's why you have to do it the way I illustrated.

Re: [Mimedefang] Part’s parent content-type

Thank you Dianne! This is going to sound silly, but what I'm looking for is a function like $parent_part = get_parent ($top_entity, $part); So given the top level entity and a specific part, the function will return the MIME::Entity for the parent of $part. I'm struggling with getting the

Re: [Mimedefang] Part’s parent content-type

On Fri, 3 Nov 2017 22:37:46 -0700 Amit Gupta wrote: > When iterating through the parts of a MIME::Entity using parts_DFS, > what would be the best way to get a reference to a part's parent > entity or parent entity type? Pass it in when you recurse. sub process { my

[Mimedefang] Part’s parent content-type

When iterating through the parts of a MIME::Entity using parts_DFS, what would be the best way to get a reference to a part’s parent entity or parent entity type? I’m trying to do some logic on an HTML part depending on if the parent type is multipart/related or not. I was thinking of just

[Mimedefang] MIMEDefang 2.83 is released

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello, MIMEDefang 2.83 is released and available at the download page: https://mimedefang.org/download Release notes follow. Regards, Dianne. 2017-10-30 Dianne Skoll * MIMEDefang 2.83 RELEASED *

Re: [Mimedefang] base64 to quoted-printable

> -Original Message- > } Unfortunately, it's an amateur radio BBS written in the 80s that > > Which app is it? JNOS http://www.langelaar.net/projects/jnos2/ > } only understands plain text. It was pretty advanced in its time > > Something this old may not understand

<    1   2   3   4   5   6   7   8   9   10   >