our that starts with a zero.
Yeah. Good advice.
Never ever start working before 10 AM.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal ad
a problem in most cases as the text/plain part
generally _is_ a valid representation of the message, but be aware that
you risk to delete unique contents when you throw away a non-text/plain
message part.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-33
ch - in adition to real Bcc's - expansions of
aliases, distribution groups in MS Exchange/Outlook, mailinglists
and things like that.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DI
But obviously .html and .htm _ARE_ dangerous.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)40-3334724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal address: PO Box 6336, 5600 HH, Eindhoven, the Ne
gt;put a firewall on the mail server, but I didn?t want to have to do that.
>Is there a way to make sendmail deny everything by default?
Not tested but the line below should work as catch-all rule for IPv6.
Connect:IPv6REJECT
Regards,
Kees Theunissen.
--
Kees Theunissen, System
to sendmail. Sendmail used the GECOS field to resolved this "q"
into a user name. The only match for "q" in the GECOS fields happend
to be the third initial of one of the other users. So that guy
received quite a few unintentional CC's of the first user's outbound
mail.
p "clamav". I made the "clamav" user a menber of the
"defang" group so clamd can read the contents of subdirs
below /var/spool/MIMEDefang with group rights.
~# id defang
uid=108(defang) gid=110(defang) groups=110(defang)
~# id clamav
uid=107(clamav) gid=109(clamav) grou
---
Debian modified /usr/bin/mimedefang.pl to 'require' this file.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal addres
7;m now using the rsyslog package on my wheezy systems.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@differ.nl
postal address: PO Box 1207, 3430
from the filter_begin
subroutine in mimedefang-filter.
I guess that it's safe to remove this too:
# Copy original message into work directory as an "mbox" file for
# virus-scanning
md_copy_orig_msg_to_work_dir_as_mbox_file();
Regards,
Kees Theunissen.
--
Kees Theunissen, Sy
ust want to be sure that the value assigned to $HOME is correct,
whether that value is used or not.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: c.j.theunis...@
it script in the redhat directory of the original MIMEDefang
source uses the configuration file /etc/sysconfig/mimedefang but that
file is sourced _before_ the $HOME environment variable is screwed up.
With that init script you need to modify the init script in order to
correct the $HOME assignment
tails._zip
These malformed messages can be detected and rejected in "sub filter"
with something like:
if (defined($head->mime_attr("Content-Disposition.name"))) {
md_graphdefang_log('rejected', 'bad_mime_header', $RelayAddr);
return ac
t you instructed mimedefang
to delete the HTML part. That leaves the original preamble as
the only contents of the resulting message body.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
he "last" command is like the "break" statement in C (as used
in loops); it immediately exits the loop in question.
So the "last;" command in your code will end the while-loop after processing
the first line that matches the regular expression.
Non-
efang.
In that file I have:
# "yes" turns on the multiplexor recipient checking function
# MX_RECIPIENT_CHECK=no
MX_RECIPIENT_CHECK=yes
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Researc
ender,
$recip, "localhost", "192.168.1.10");
I assume that you intent to use meaningfull variable names.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address:
efang pass.
>
>Any suggestions much appreciated!
Mimedefang won't run without a filter and it doesn't seem to be using
the file you think it's using. So it probably uses another
filter file.
1) Examen mimedefang.pl to see the default filter file (build time
option): grep
aggregates (hashes and arrays) is
deprecated. It used to report whether memory for that
aggregate has ever been allocated. This behavior may disappear
in future versions of Perl. You should instead use a simple
test for size:
if (@an_array)
ut I haven't installed it yet).
It seems that the use of the defined function on hashes and arrays
is deprecated (since 5.16.0?).
See: http://perldoc.perl.org/functions/defined.html
The OP used defined on a scalar variable.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network
such a case, and send a separate message to r3 containing
a reference to the original message and instructions to install
and register the plugin.
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy
und to a particular
sending domain. So if this is your linkedin address I would expect a
plain reject instead of greylisting of a sender from the alltech1.com
domain. Or did I misunderstood how locked addresses work?
Regards,
Kees Theunissen.
Please note that from 1 January onwards, our insti
o the
rewritten adresses if they insist on using this CNAME. Or they should
accept losing some mail.
Notwithstanding the above, you probably shouldn't rewrite those
addresses.
Best regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-
omething like:
tail -n100 /var/log/mail.log | \
grep -q 'Milter (mimedefang): to error state' && \
/etc/init.d/mimedefang restart
frequently run by cron should do the job (not jet tested).
The regular expression in the grep command is based on my logs after
the last cras
d in Dec
2010. Unfortinately was the fix not released for Debian Lenny or even
Squeeze (Squeeze was the "frozen" testing release at that time.)
Both Lenny and Squeeze ship unfixed 8.14.3 versions.
Regards,
Kees Theunissen.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rij
ind any articles that refer to
>this variable.
This bug was reported a few weeks ago on this list as a bug in 2.70
and has been fixed in 2.71 (still beta?). Search the list archive
for this message:
Date: Tue, 29 Jun 2010 23:13:01 +0200
From: ml ml
Subject: [Mimedefang] Bug in mimedefan
gnosing when something is spam, but our mimedefang filter is sending
>it to quarantine anyway even when it's not. :) Any thoughts?
Are you really sure about the missing log line? It could be located
somewhere else in the log file. Depending on the value of the
left over $Header{'
ure
to rewrite recipient addresses *based on the sender's address*.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: theun...@rijnh.nl, Tel: (+31|0)306096724, Fax: (+31|0)306031204
gt;reached, will tag spam but LET IT PASS.
A tag added by this code would be written in mixed case and would contain
$hits (e.g. [Spam: 4.321]). A message tagged with a literal "[SPAM]" in
the subject -as stated in the original posting- was certainly NOT tagged
by this code.
Regards
me open relay used by a spammer.
IMHO nobody should use a MX host if he/she is not willing to accept all
messages relayed by that MX host.
If you want or need to use a secundairy MX host you better choose
a host that can do all filtering you need. You're too late te reject
a message if it h
# does this, set this to 1.
skip_rbl_checks 1
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTED], Tel: (+31|0)306096724, Fax: (+31|0)306031204
___
NOTE: If there is a
ccount. This would prevent me from
N!! Don't send the *likely spoofed* sender an error
message.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTED], Tel:
I receive about 100 times more spam than
viruses. That means that I'm scanning about 100 spam mails (that
could already have been detected by SpamAssassin, and that still
have to be checked by SpamAssassin anyway) for viruses just to
block a single virus. This 100 to 1 ratio is also expensiv
TED]>.
Note the < and >. Your regular expression is testing for "@domain.com"
at the _end_ of the string.
Try something like:
$relay = "internal_server" if ($recip =~ m/[EMAIL PROTECTED]>?$/i);
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma
the _real_ cause is ofcourse
a malformed mime header in the message.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTED], Tel: (+31|0)306096724, Fax: (+31|0)306031204
usion is that this unquoted string with
spaces is _not_ valid.
> So I think it's a mimedefang/MIME handling bug that when unquoted
> string are used on Content-Disposition filename parameter they are
> truncated...
I don't think it's a bug to reject an invalid message.
And I&
isible).
I use Pine on a Slackware 10.2 and Slackware 11.0 Linux box.
The italic part rendered as underlined in an Xterm, and as
intensified text on a virtual console. There were no colour
changes.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, N
not like that if you frequently
use names or aliasses with dots. Mail will be delivered to the
wrong person if a local.part resolves to a valid domain name
for any of your users/aliases.
I wouldn't use this on a mailserver that has many accounts.
But it might be usefull on a personal workstation or
m." and a body with just "I'll be there."?
This body is well below 20 bytes.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTED], Tel: (+31|0)306096724, Fax: (+31|0)306031204
by" header?
>
Does the section "PRESERVING RELAY INFORMATION" from the
mimedefang-filter(5) manpage help you?
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTE
d on this list some time ago. This
>is more portable than 'deamon_name' check.
>
>And if a message is already on my server I assume it is not spam.
>
>
>There is a small problem with this approach - Bayes database do not
>learn phrases and words used in e-mail s
t;|" ?. Are they trying to exploit some bug somewhere in
a prog or script that handles messages or mail logs?
Could those invalid addresses you saw "in a format that could
never have been a valid address" make some sense in a scripting
context?
Regards,
--
Kees Theunissen
F.O.M.-I
vironments of Redhat based systems.
Have a look at (URL wrapped):
http://lists.roaringpenguin.com/pipermail/mimedefang/
2006-August/030691.html
for a workaround. This workaround might be a starting point for
your debugging.
This is all I can do. It's not much but I hope this helps yo
restart (stop sendmail,
stop mimedefang, start mimedefang, start sendmail) or is
a simple "md-mx-ctrl reread" sufficient to load the new
SA-rules?
Thanks in advance,
Kees.
--
Kees Theunissen
F.O.M.-Institute for Plasma Physics Rijnhuizen, Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTE
It might be possible to fix this directory,
as far as MimeDefang is concerned, to for instance
/usr/share/spamassassin. Some testing is needed to be sure about this.
But this has a side effect. Running spamassassin or spamd/spamc
from the commandline or running SpamAssassin from MimeDefang will
run dif
free to accept or reject mail, based on criteria
of your choice. But please don't say that your criteria are
based on internet standards. RFC1912 simply isn't a standard at all.
It's just some kind of a manual to prevent common configuration
and operation errors of the DNS system.
Reg
>
> RFC2821 speaks about EHLO, what about HELO?
>
Section 2.2.1:
[...]
Unless the different characteristics of HELO must be identified for
interoperability purposes, this document discusses only EHLO.
[...]
Section 4.1.4 doesn't mention different characteristics of HELO
so th
uin.com/pipermail/mimedefang/2006-August/030689.html
http://lists.roaringpenguin.com/pipermail/mimedefang/2006-August/030691.html
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for PlasmaPhysics "Rijnhuizen", Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTE
-fprot Do not include support for F-prot Anti-Virus
--disable-sophieDo not include support for Sophie
--disable-nvcc Do not include support for Nvcc
--disable-clamd Do not include support for clamd
--disable-trophie Do not include support for Trophie
[
t; However, sendmail normally refuses mail for user unknown, and you
> should try to do that instead of mailing a bounce. Both virus and
> spam mail may contain an irrelevant but valid address as sender, so
> mailing a bounce to the "sender" is not a good idea.
The only good
pening? We're running MIMEDefang 2.55 and SpamAssassin 3.1.3 on
> RedHat Linux Advanced Server 4.
First a quote from a previous message from my on this list
Date: Thu, 8 Jun 2006 04:27:10 +0200 (CEST)
From: Kees Theunissen <[EMAIL PROTECTED]>
Subject: Re: [Mimedefang] Seeing whi
least not for this routing
problem) but you must keep the "list: [EMAIL PROTECTED],[EMAIL PROTECTED]"
alias.
Regards,
Kees.
--
Kees Theunissen
F.O.M.-Institute for PlasmaPhysics "Rijnhuizen", Nieuwegein, Netherlands
E-mail: [EMAIL PROTECTED], Tel: (+31|0)306096724, Fax: (+31|0)3
a new sendmail.cf from that .mc file?
And if you did: is the milter included in that new sendmail.cf file?
There should be a section "MAIL FILTER DEFINITIONS" showing the
following line:
Xmimedefang, S=unix:/var/spool/MIMEDefang/mimedefang.sock, F=T,
T=S:60s;R:60s;E:5m
Sincere
in having trouble to determine the home dir
of the MIMEDefang (and SpamAssassin) user when the program is launched
at boot time from the FC4 startup scripts.
Adding the line "export HOME=/path/to/defang/homedir/" (without quotes)
to the config script /etc/sysconfig/mimedefang sol
54 matches
Mail list logo