Hi
> What does all this talk about spam and anti virus stuff have ro do with the
> program remind?
Sorry, if this seemed off-topic.
MIMEDefang makes heavy use of MIME::Tools to unpack MIME
Parts and extract files and filenames.
So I supposed the problem described could have the same issue as th
Hi
I suppose I came over a very similar issue while building an spamtrap
which extracts attachements with MIME::Parser and feeds them down the
throat of clamav.
It boils more or down how perl threat UTF-8 strings on file functions
and how posix systems don't care about the encoding of filenames
Hi Gang
De-Installed MIME-Tools and MIMEDefang. Re-Installed. => Fixed.
Mit freundlichen Grüssen
-Benoît Panizzon-
--
I m p r o W a r e A G-Leiter Commerce Kunden
__
Zurlindenstrasse 29 Tel +41 61 826 93 00
CH-4133 Prat
Hi Gang
Happy X-mas to all.
Yesterday I updated one MIMEDefang machine because of actual security
fixes with SpamAssassin. Those packages were updated:
libsasl2-2 libsasl2-modules libsasl2-modules-db sa-compile sasl2-bin
spamassassin spamc
They don't seem to be related to perl in any way.
Sinc
Dear List
I have started using the ASN SpamAssassin Plugin to penalize emails
originating from certain know spam operation ASN with great success
(especially for the actual sextortion email wave).
Now I reckoned it would be nice to also have the X-SPAM-ASN Header which
is added by SpamAssassin to
Hi Benny
> > This causes Postfix to accept all emails which match this local mailbox
> > regexp and make it believe to deliver them to /dev/null, which never
> > happens as we will extract the real recipient from the SRS header with
> > MIMEDefang.
>
> how does this prevent accept and bounce ?
Hi List
Ok, after some more google and try and error. I figured it out.
So let's put the solution here so google can index it if somebody else
looks for it.
If you use the verify functions to do a call ahead destination
verification for relayed domains, you need to
smtpd_recipient_restrictions
Hi Kris
Yes, using an ip socket circumvents the permission maze of file based
sockets :-)
> Plugging ClamAV into MIMEDefang tends to hit the same permissions maze,
> along with a light dose of "where did Clam actually put the socket?",
> since I think MD looks in the "wrong" place by default.
Hi Allan
I'm trying to give you a little bit of help.
I'm looking at an ubuntu system, but I hope it's quite identical to
Debian.
/etc/default/mimedefang
Make sure MIMEDefang is listening to an inet socket, maybe better on
localhost, if you don't run your MIMEDefang on a dedicated filter
machin
Hi List
Well, probably a bit off-list here, but I'm still trying my luck.
Has anyone managed to find a way to have language specific report
templates in spamassassin?
Being Switzerland, we have several national languages and we have
customers who would like to get such messages in their language
Hi Wietse
> Not possible. The Milter protocol implements the 'change sender'
> feature AFTER the entire message is received. That is long
> after the MAIL FROM and RCPT TO commands.
Ok, so if you activate reject_unverified_recipient it's not possible to
tell postfix not to call this function for
Dear Lists (sorry for the xpost).
I have a milter which performs SRS Signing in case of forwarded emails
and SRS Verification of bounces.
This worked quite well, until we configured our mail plattform to also
relay emails for other domains and thus activated
reject_unverified_recipient to perform
Hi
> I am curious. Why not just add a rule
> to /etc/mail/spamassassin/local.cf to match the desired header. Are
> you not using SpamAssassin?
There is a lot of other helpful things stuff you can do with mimedefang.
Just a few ideas:
* Rewrite sender in an SRS compatible way.
* Handle forwarding
Dear Hans
> I am looking for a possibility to filter for an existing header line.
> I found a lot of examples where $Subject, $Sender and others can be
> used. But I need the possibility to find a certain header line, for
> example X-Someinfo: Can someone point me to some examples.
> I was sear
Hi Sauraj
> I have been using mimedefang for long time with sendmail as the MTA
> but when I try to change the MTA to postfix and use mimedefang it
> seems to be not working. Could you please help me with this.
We use MIMEDefang with Postfix. Could you please be a bit more specific
about the prob
Hi all
Thank you for the comments. I wrote that email a bit in a hurry, because
we have an 'old' installation which uses MIMEDefang where we cannot
update clamd (and the OS base) anymore. Clamd keeps crashing with new
definition files.
So as a quick fix I got clamd on our new filter installation
Hi all
Does anyone know, if it's possible to use
ClamdSock = "host:port";
in MIMEDefang?
I found very old posts stating, that clamd can only scan local files,
thus has to be called on the machine the file resides.
Is still this the case, or can the content to be scanned streamed via
inet socke
Hi
> is it possible to define $bad_exts in sub filter_bad_filename based on
> domain name? I'd like to filter ".docm"-attachments, but not globally
> for all domains on that server, just for my private domain. Seems to
> be that $recipient is not known in sub filter_bad_filename?
Sure it is. You
Hello
I just found a description of the problem.
It has been fixed in libencode >= 2.77
https://github.com/dankogai/p5-encode/commit/27682d02f7ac0669043faeb419dd5a104eecfb73
-Benoît Panizzon-
--
I m p r o W a r e A G-Leiter Commerce Kunden
Hi all
This morning, all our mimedefang instances started to repeateldy
crash:
UTF-32:Unrecognised BOM 4900
at /usr/lib/perl/5.18/Encode/MIME/Header.pm line 81.
The emails all originate from the same sender. It's probably not an
attack but a Massmailer sending some strange kind of UTF-32 Ema
Hi Marcus
> is there a way to implement SRS using mimedefang? GMX set SPF to
> "-all" and forwarded mails to gmx accounts get blocked.
Sure...
Just some Code Fragments:
use Mail::SRS;
sub filter_recipient {
[...]
my $srs = new Mail::SRS(
Secret => $srskey,
MaxAge => 30,
Hi Indunil
> Is there a way to sync sent item from pop3 account to webmail sent
> folder ?
A POP3 Server does not know about folders and does not know any status
of an email. So it does not know what a 'sent' item ist. There is just
an INBOX containing email messages, if you want to call it that
Hi Roman
At the start of your mimedefang-filter, where the 'use' statements are,
add the Perl Storable Module. (You need to have the storable
perl module installed for this to work).
require Storable;
You probably have sub filter_initialize {} and sub filter_cleanup {}
somewhere in your code. Ju
Hi Roman
> Are you sure that you forgot notthing from your code??
>
> Because i try and it don't work :-(
It was not working code. It was just a quick copy-paste from parts of
my code.
-Benoît Panizzon-
--
I m p r o W a r e A G-Leiter Commerce Kunden
_
Hi Roman
> I need to limit the Recipients from to, cc bcc for auth user in the
> filter_recipient procedure .is this possible? Realy great it
> would be, to get the count for each to, cc, bcc in the part between
Sure it is. From the viewpoint of the SMTP Transfer, rcpt to: does not
distungui
Hi Roman
> my $recipient_to_count = ??;
> my $recipient_cc_count = ??;
> my $recipient_bcc_count = ??;
I just re-read your email. I guess you want to distinguish the
different types of recipient (to,cc and bcc).
No, unfortunately this is not possible in filter_recipient as this
processes the rcp
Hi
> Perhaps we have not seen any of these attacks because the messages
> fail our SPF checks:
In our case it did not fail. The From: Header was sent to DHL, but not the
envelope sender.
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e
box put on top of the link
with action to open that URI.
I'll have a look at the PDF Info Plug-in as mentioned by Kevin. (thank you
Kevin)
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstra
such a solution?
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 PrattelnFax +41 61 826 93 02
Schweiz Web h
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 PrattelnFax +41 61 826 93 02
Schweiz Web h
st for his mailing tool. But
still in such a case I would like to disconnect our customer instead of
processing every recipient his tool is trying to send emails to.
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstr
stead of having to reject
every single recipient (every single call of filter_recipient) to save some
processing load.
Does anyone know how to do this?
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstras
Well, after some more RTFM and stumbling over a thread about documentation
issues with global variables:
http://lists.roaringpenguin.com/pipermail/mimedefang/2010-May/035763.html
I constate that $RelayAddr is available in filter_begin but read_commands_file
is not.
Benoit Panizzon
--
I m p r
story (tstamp, auth_user, HTTP_ip);
}
Wo how can I access the client_ip from within filter_begin?
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 Pra
that. Let me know if that fixes it.
Yes, that was the cause. After putting the sender / recipient changes into
filter_begin they work reliably as expected.
Thanks for your help.
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlinde
;DEBUG: Deleting Recipient
" . $originalrecipient);
delete_recipient($originalrecipient);
}
while (my $aliasref = $forwards->fetchrow_hashref()) {
md_syslog('warning',&qu
hat is being changed so I know they are being
run.
The changes that occur in the body, like adding the line that MIMEDefang has
scanned that email, are always run, even if the recipient changes have not
been run.
MIMEDefang 2.73 in use here.
Is there anything known which could cause that iss
use.
Btw, is there a way to tell postfix what to do in case a milter fails? No hits
with Google
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-413
TX? I will have to look up what that is.
Well until now I don't know any solution that works flawlessly. SMTP was just
designed with a couple of flaws and we have to work around the one kind or the
other and try not to break too much.
Mit freundlichen Grüssen
27; spamcop.net spamtrap causing immediate blacklisting of our main
outbound server. And spamcop.net is widely used.
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826
k upon that).
I do consider backscatter the more serious problem.
Mit freundlichen Grüssen
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 61 826 93 07
CH-4133 PrattelnFax +41 6
some kind of loop detection header or use some other logic
to detect loops or bounces which would loop (eg match empty sender). But one
problem at the time please :-)
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenst
his could also be used to implement propper SRS (which we actualy don't need
anymore if we use the forwarder's address as sender).
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel
cipient and spam settings to a file in the actual
CWD and on each recipient I can get the count and what kind of recipients I
accept from that file.
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse
a way to define some sort of over-global variable that is consistent
for one SMTP session between all of the mimedefang processes?
Kind regards
Benoit Panizzon
--
I m p r o W a r e A G-
__
Zurlindenstrasse 29 Tel +41 6
Am Mittwoch, 18. Oktober 2006 14.58 schrieb David F. Skoll:
> Benoit Panizzon wrote:
> > Is there a way to delay the 200 Queued message until I get the
> > return code to 'DATA' from HOST B to pass this code to HOST A?
>
> Yes. You need to run your Sendmail in &quo
ng bad and return 200 QUEUED to HOST A
=> 550 EXE Files not accepted on HOST B
** MIMEDefang has to bounce as it already accepted the mail from HOST A
Is there a way to delay the 200 Queued message until I get the return code to
'DATA' from HOST B to pass this code to HOST A?
Regar
Hi all
I just noticed that md_check_against_smtp_server seams to be failing checking
an IPv6 only destination server.
(Not sure if $ip contains only IPv4 but in other routines the IPv6 address is
correctly returned...)
Also on Servers which are reachable through IPv6 and IPv4 I noticed that
m
Hi all
I have a centralized MIMEDefang Machine which is connected by socket.
Is there a way to listen to multiple sockets?
SOCKET=inet:,inet6:
-Benoit-
--
SPAM SPAM SPAM SPAM / Hormel's new miracle meat in a can
Tastes fine, saves time. / If you want something grand, / Ask for SPAM!
Hi all
Problem is solved...
I got puzzled by the fact that sendmail logs each recipient when mimedefang
finds a virus, but there's only one MDLOG line per connection now.
Regards
-Benoit-
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIM
Hi all
mimedefang 2.43 running here.
As I understand the Man-Page, this should create only one log entry per
message received.
md_graphdefang_log_enable('mail', 0);
is the second way I did try this.
Nevertheless, I still get one entry per recipient while scanning the email for
viruses, which
51 matches
Mail list logo
