[EMAIL PROTECTED] wrote:
Matthew.van.Eerde wrote:
If you want to have a full-on layered permissions scheme (where the action applies to the smallest containing subnet) you could store a more complicated hash...
[snip]
I thought about all of this, by the way... And then remembered that
[EMAIL PROTECTED] wrote:
Philip Prindeville wrote:
I thought about all of this, by the way... And then remembered that
some networks are made of two or more adjacent CIDR blocks, but of
unequal size, or not aligned (mergeable). Look at:
'212.145.160.0/21' = 'REJECT',
'212.145.192.0
Joseph Brennan wrote:
You will reject legitimate mail from variously misconfigured servers.
They will tend to be run by nonprofits and small businesses. Remember
that the purpose of the exercise is not be RFC cop but to cut down on
spam. I think you'll have to back off rejecting these and
[EMAIL PROTECTED] wrote:
I don't see why this is a problem... can't Patricia handle unmergeable
neighbors as seperate entries?
Well, yes. But I was hoping to add support for address ranges as
well... I.e. 212.145.160.0-212.145.223.255 (since that's how some
of them are stored in the
Joseph Brennan wrote:
We score for bad $Helo and sometimes we reject when a message has other
spammy features. Whenever I get a report of this, it always turns out
to be some small-scale operation like a club, a church, a museum, one
guy sending newsletters, etc. Why? I suppose because
David F. Skoll wrote:
Or, the original poster may be invoking mimedefang without the -r
option, in which case filter_relay is never called.
Regards,
David.
So MX_SENDER_CHECK and MX_RELAY_CHECK need to be set
to yes in /etc/sysconfig/mimedefang...
-Philip
David F. Skoll wrote:
Or, the original poster may be invoking mimedefang without the -r
option, in which case filter_relay is never called.
Regards,
David.
I wasn't paying attention, apparently, that the default config in
/etc/sysconfig/
didn't include sender and relay checking. Or
[EMAIL PROTECTED] wrote:
Philip wrote:
I've attached what I've got now in place. Next I'll try to integrate
Net::CIDR.
Can you add this to the wiki too (for posterity?)
http://www.mimedefang.org/kwiki/
I can run it for a bit and see how well it works, do some fine tuning,
and
David F. Skoll wrote:
Philip Prindeville wrote:
BTW: Are there patches to support calling filter_helo directly, rather
than bundling it as part of filter_sender?
Not that I'm aware of.
Here's why: certain sites that don't get a lot of external mail but do
need to be open
Kevin A. McGrail wrote:
Philip:
Some follow-up on your work because it mimics a lot of mine (and much
of that worked helped greatly by Joseph Brennan, Les Miksell, Mark
Damrose, Matthew van Eerde and Jan Pieter Cornet).
A) localhost tests will fail for people using norton antivirus.
B)
Jan Pieter Cornet wrote:
On Tue, Jan 10, 2006 at 07:11:35PM -0700, Philip Prindeville wrote:
This seems like pretty weak security to me. Is there a valid reason for
having sites answer to an EXPN or VRFY?
Agreed that it's weak security: some legacy management software requires
I'm tired of getting Paypal notifications... And eBay, since I don't use
either.
Any pointers to filters for select message headers? Or is that
something that's
more typically done in SpamAssassin instead?
-Philip
___
NOTE: If there is a
Perhaps the easiest thing in the world to spoof is the Date: line, and
yet some people manage to botch that up...
---BeginMessage---
その名の通り完全無料で直電交換&直電閲覧ができるよん♪
http://www.awg5.net/?ts1
メールでダラダラする必要無し!
☆電話で即決だから間違い無し!
☆もちろんメールを読むのも送るのも完全無料♪
☆メールにするも良し!電話にするも良し!貴方次第でどうにでもしてね♪
Perhaps the easiest thing in the world to spoof is the Date: line, and
yet some people manage to botch that up...
Message-ID: [EMAIL PROTECTED]
To: philipp_subx [EMAIL PROTECTED]
Subject: =?ISO-2022-JP?B?GyRCJDwhQSRzJFYhIiU/JUAbKEI=?=
I remember seeing something that there's a bug in sendmail that might
stop a filter_helo from working. Anyone have the specifics of this?
Like what the behavior is, and in what version of sendmail it was
fixed?
I'm running 8.13.1 on FC3, and Mimedefang 2.54. I'll post the patch
for testing
I'd like to propose the following patch, as a prequel to the
posting of an amended mimedefang-filter on the Wiki...
--- redhat/mimedefang-spec.in.bak 2004-09-21 19:50:36.0 -0600
+++ redhat/mimedefang-spec.in 2006-01-13 15:51:55.0 -0700
@@ -138,16 +138,17 @@ Release:
Richard Laager wrote:
On Fri, 2006-01-13 at 15:54 -0700, Philip Prindeville wrote:
I'd like to propose the following patch, as a prequel to the
posting of an amended mimedefang-filter on the Wiki...
If your changes are only going on the Wiki, then adding a Requires to
the mimedefang
Well, the question then becomes is should the shipped .spec file support
all of the example config files and scripts as well?
-Philip
Damrose, Mark wrote:
If your filter example post to the Wiki requires Net-CIDR-Lite, state that in
your Wiki entry. Those who want to use your code can load
David F. Skoll wrote:
filter_helo is one thing, but adding a dependency on Net::CIDR::Lite
is probably not in the cards. One of the biggest complaints from
people who've tried MIMEDefang is the number of Perl modules it
requires. I really hesitate to make another absolute dependency; I'd
Damrose, Mark wrote:
FYI: I added an example of using Net::CIDR::Lite to the Helo testing
wiki at http://www.mimedefang.org/kwiki/index.cgi?UseHeloToCatchSpam
Hmm Found some issues (shortcomings, whatever) with the API to
Net::CIDR::Lite.
First is that when you pass it bad
Apparently, they're not running a very tight ship. I'm seeing:
Jan 15 15:16:04 mail sendmail[17255]: NOQUEUE: connect from
cernmx08.cern.ch [137.138.166.172]
Jan 15 15:16:04 mail sendmail[17255]: AUTH: available mech=DIGEST-MD5
ANONYMOUS
CRAM-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5
Working on adding filter_helo support...
Hmmm... I'm looking at MXRelayOK, MXSenderOK, MXRecipientOK, etc.
and wondering about why there's duplication of both passing the same
arguments
again (ip, name, helo, etc)... As well as duplicating the validation
logic for
arguments...
Inquiring
Quick question...
I was wondering about moving the:
write_mx_command(data-cmdFD, 'E', (unsigned char *) data-heloArg);
into the helo() function from envfrom() instead... but I'm not sure at
what point
the file is opened and can be written to... currently that happens in
envfrom()
too,
Ok, some progress... I've installed the package, I'm running it currently.
Anyone have any comments on it?
Thanks,
-Philip
--- examples/init-script.in.bak 2005-10-14 10:16:27.0 -0600
+++ examples/init-script.in 2006-01-17 00:58:34.0 -0700
@@ -39,16 +39,19 @@ [EMAIL
Jan Pieter Cornet wrote:
On Tue, Jan 17, 2006 at 02:15:25AM -0700, Philip Prindeville wrote:
Ok, some progress... I've installed the package, I'm running it currently.
Anyone have any comments on it?
Yes: why do you remove the HELO argument in filter_sender? This means
you're
Jan Pieter Cornet wrote:
Also, your code assumes you cannot call smfi_setreply in the helo()
callback, but that assumption is wrong. At least, it is according to
the milter API documentation. It's probably very useful to set a reply
after HELO!
Ok, here are part of the revised diffs to
David F. Skoll wrote:
But it breaks existing filters; we need the helo arg back.
And there's a good reason to pass HELO in filter_sender (and
filter_recipient, for that matter): You may WANT to defer your
HELO processing until later. Our commercial products, for
example, let individual
Jan Pieter Cornet wrote:
Also, your code assumes you cannot call smfi_setreply in the helo()
callback, but that assumption is wrong. At least, it is according to
the milter API documentation. It's probably very useful to set a reply
after HELO!
Ok, here are part of the revised diffs to
David F. Skoll wrote:
Not in filter_sender if we use your patch, unless we parse the
commands file manually.
If you re-work your patch to leave filter_sender as it was, I will
include it in the official release.
Here's the patch again. I was hoping to get some answers about the
David F. Skoll wrote:
(Btw, I've noticed that almost no patch submitters remember to update
the man pages! :-))
Not true! ;-)
I updated the man page, but that also included edits for changing
filter_sender(),
which I then had to back out...
-Philip
Seems to be working:
Jan 17 08:10:01 mail sendmail[24471]: NOQUEUE: connect from
san-cust-208.57.14.2.mpowercom.net [208.57.14.2]
Jan 17 08:10:01 mail sendmail[24471]: AUTH: available mech=DIGEST-MD5
ANONYMOUS
CRAM-MD5, allowed mech=EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN
Jan 17
I was looking at this module, and noticed a couple of short-comings.
(1) it doesn't return a failure code, only blurts a message via confess
with things go wrong;
(2) it doesn't allow you to save a pointer into each address block/range
and then retrieve it later and allow you to use it as
Can anyone point me to a guide for creating SSL certificates and sharing
them between Sendmail and Thunderbird clients?
I'd like to test the various authentication info in filter_sender...
Thanks,
-Philip
___
NOTE: If there is a disclaimer or other
David F. Skoll wrote:
Doh! I forgot. I added it to the generic startup script, but
not the Red Hat ones. Thanks to all the beta testers who caught that! :-
Actually, that should have been in the original set of diffs that I
submitted.
They must have gotten dropped somewhere along the
I was wondering if we could update the HOWTO pages to describe
installing Mimedefang and Spamassassin both on a system, so that
the former is run, then the latter, or incoming email.
I'd like to be able to reject mail that fails certain tests, like containing
Hebrew, Cyrillic, and Han character
I've noticed that I've been getting email lately that looks like:
Return-Path: [EMAIL PROTECTED]
Received: from omc1-s35.bay6.hotmail.com (omc1-s35.bay6.hotmail.com
[65.54.248.237])
by mail.redfish-solutions.com (8.13.1/8.13.1) with ESMTP id k0REdJbh004285
for [EMAIL PROTECTED]; Fri,
David F. Skoll wrote:
http://search.cpan.org/~tpaba/Net-Ifconfig-Wrapper-0.09/
Too heavy weight. Requires a fork/exec for each iteration.
Easier to just do some ioctl()'s.
Too many false-positives. We own a measly 8 IP addresses where our
colo box sits. If you block us because someone
David F. Skoll wrote:
Philip Prindeville wrote:
From Perl? But the whole thing's pretty silly anyway -- unless your
server is very unusual, you can hard-code its IP address(es) in your
filter.
Well, there are a few reasons:
(1) it makes it turn-key so that neophytes can use it more
This is what I came up with. It's been tested on both 32-bit and 64-bit
Linux (amd64).
If you call IfAddrs::get() and you only get a single interface name/address
pair, test it via isunroutable(). If the address ISN'T unroutable, then you
shouldn't be seeing anyone connecting to you with this
David F. Skoll wrote:
Neophytes shouldn't attempt to use MIMEDefang. Anything that pretends
to make MIMEDefang usable by neophytes is a bug, not a feature, IMO. :-)
Well, you can know something about email, even Perl scripting, and not know
of a better way to get IP addresses than
Cool. Too bad no one has written an XML way of retrieving it and
parsing it out.
-Philip
David Nelson wrote:
Another thing to check out are bogons. Bogons are networks that have
not been allocated by IANA, which means you should never see them as
they technically constitute a non-routable
Ok, so who wants to cooperate on a Perl module to map IP addresses to
CIDR blocks, provider names, and country codes?
-Philip
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Except that if you're using filter_helo(), you haven't yet seen
authentication
information at that point... AUTH happens after HELO.
-Philip
James Ebright wrote:
Something else unrelated to note... if your server talks to MUAs then
you will want to exempt any user from your helo stuff that
Does everyone use the built-in scoring, or do they write their own?
I can see how, at the very least, you'd want to configure your set of
ok_locales for SA.
Perhaps the MdF (RPM) distribution could contain a set of sample
sa-mimedefang.cf.example files?
Also, instead of flagging spam, what
So, did the message attached below fire up because it contained the
words porn and viagra? Does that mean that not only spam, but
talking about spam, is subject to filtration? ;-)
I was going to try the config below... I'll see how it works.
I ran the spamassassin -t -x test that's in the
More confusion... Ok, I used the *CHARSET_FARAWAY tests with
scores of 5.0 in the previous email. Then I ran a message with:
Content-Type: text/plain; charset=ISO-8859-9
even though my ok_locales en fr are set (so tr isn't included).
Didn't see any CHARSET_FARAWAY matches. For both en and
I was wondering... if you take an email that's more than 3 days old,
and you do a Redirect (in T-Bird, i.e. a blind bounce, rather than
forwarding as an attachment... that is only Resent-To:, Resent-From:,
Resent-Date: gets added to it... ) Will is use the correct date when
figuring out the
Hmmm... I'm running a Linux shop here, so rarely does anyone send me
legitimately a .exe or .pif file. I was wondering about making the
following
change to the stock mimedefang-filter:
if (filter_bad_filename($entity)) {
md_graphdefang_log('bad_filename', $fname, $type);
#
Alexander Dalloz wrote:
BTW: my SpamAssassin pukes at use_terse_report 1. What version
does that apply to?
Pre SA 3.x
You may now use remove_header all Report to remove the verbose report.
Someone want to update the HOWTO installation instructions?
-Philip
David F. Skoll wrote:
One other thing I thought about: what about detecting spammers, and
then looking up the CIDR block that their address belongs to, and adding
it to a blacklist automatically in filter_relay()?
Too many false-positives. We own a measly 8 IP addresses where our
colo
Anybody have an example of using the Net::CIDR::Lite::spanner objects?
I haven't figured how to use these and the man page could be a bit more
expounding...
-Philip
___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message,
I was just thinking... We don't export any of the Sendmail variables into
the filter_helo() code:
O Milter.macros.helo={tls_version}, {cipher}, {cipher_bits},
{cert_subject}, {cert_issuer}
What to do about that?
-Philip
___
NOTE: If there is a
Damrose, Mark wrote:
That wouldn't work on my system, and many others. If you do a
gethostbyname() you'll get the local unroutable address back -
since the internal and external DNS for my namespace are maintained
on separate servers.
Not if you query one of the root name servers...
If
Paul Murphy wrote:
The stock filter has a non-dangerous set of defaults. If the change you
proposed was included in the stock filter, many sites would be bouncing
important files with no indication to the recipient that anything was going
wrong.
By all means do it in your own filter, but
I've found some bugs and shortcomings in Net::CIDR::Lite and tried
to resolve them with the author/maintainer, but it's extremely slow going.
I don't know if some of the more wanton issues will ever get resolved.
Anyone know of a similar module that provides equivalent functionality?
Thanks,
I'm seeing a lot of the following messages:
...
Feb 10 10:51:38 mail mimedefang-multiplexor[27593]: Killing idle slave 0
(pid 10777): New generation -- forcing reread of filter rules
Feb 10 10:55:51 mail mimedefang-multiplexor[27593]: Killing idle slave 1
(pid 10791): New generation -- forcing
David F. Skoll wrote:
Hmm... I'm seeing that too, and I can't for the life of me track it down.
I built a version with some more debugging code and I'll try to nail down
what's happening.
FWIW: I didn't see this with 2.54.
-Philip
___
NOTE:
I'm not seeing it...
-Philip
*** redhat/mimedefang-init.in.bak 2006-01-20 06:09:00.0 -0700
--- redhat/mimedefang-init.in 2006-02-11 11:20:16.0 -0700
***
*** 243,248
--- 243,249
$([ -n $SYSLOG_FACILITY ] echo -S $SYSLOG_FACILITY) \
$([
I was wondering about how the milter code works in Sendmail,
and the fact that if the filter_helo() rejects the message, then HELO
still responds with 250 and moves to the next stage, but when
a EXPN or MAIL FROM: is seen, then Sendmail gives the
error status from the previous HELO rejection.
[EMAIL PROTECTED] wrote:
Philip Prindeville wrote:
Given that a filter_helo() rejection typically isn't going to be given
to a legitimate mailer to begin with, but to a ratware client, strict
conformance with the standard wouldn't seem to be that important.
Well, unless there's a false
Are you interested in just what your users are using, or what is still
out there?
If the former only, then you'll want to either just look at stuff
coming in that's authenticated, or coming in on your submission port,
or else coming from your internal networks... Or on messages that
have no
David F. Skoll wrote:
You might want to change that regexp to something like:
/a[^]{1,200}href\s{0,10}=.{0,200}(onmouseover|onmousemouse)\s{0,10}=\s{0,10}window\.status\s{0,10}=/i
Ah, yes. Thanks. And it's onmousemove, not onmousemouse... Sloppy
typing...
The a, href, and onmousemove
Kevin A. McGrail wrote:
Philip:
This rule won't hit on the phishing email I was discussing. It doesn't use
a mouseover. It uses a nested a tag to hide to real link. Thanks to
Kenneth Porter, here's my original post:
http://thread.gmane.org/gmane.comp.jakarta.tomcat.user/127749
Hi.
I'm working on a prototype mimedefang-filter example modeled after
what we've been using here with fairly good success.
A few questions before I go too far down a dead-end, however...
Any preferences in formats for config files? I was thinking of
using Config::General, but then XML seemed
When Mimedefang calls SA, what pseudo-headers does it generate
in the message and where in the code does it insert them?
I was wondering about the recipients being inserted...
I see where the Return-Path: gets generated, but not the recipient
list...
-Philip
[EMAIL PROTECTED] wrote:
Philip Prindeville wrote:
When Mimedefang calls SA, what pseudo-headers does it generate
in the message and where in the code does it insert them?
See the spam_assassin_mail sub in mimedefang.pl
I was wondering about the recipients being inserted
I'm looking at the code:
if (filter_bad_filename($entity)) {
md_graphdefang_log('bad_filename', $fname, $type);
return action_drop_with_warning(An attachment named $fname was
removed from this document as it\nconstituted a security hazard. If you
require this document, please
I added a new example to the Wiki that people can download and paste
in if they wish:
http://www.mimedefang.org/kwiki/index.cgi?PhilipsWorkingFilter
Any comments are appreciated.
Thanks,
-Philip
___
NOTE: If there is a disclaimer or other legal
Steffen Kaiser wrote:
On Wed, 5 Apr 2006, Philip Prindeville wrote:
I added a new example to the Wiki that people can download and paste
in if they wish:
http://www.mimedefang.org/kwiki/index.cgi?PhilipsWorkingFilter
Any comments are appreciated.
:-) You ban the .eu TLD (European
Steffen Kaiser wrote:
You match the TLD agains $ccpat.
BTW: I don't remember where, but there is perl FAQ with entry like how
can I check if a value is part of an ARRAY?, the answer is like if you
need to ask this, you certainly have used the wrong data structure and
should use an HASH.
[EMAIL PROTECTED] wrote:
Anyone else have any comments about the example or the strategy?
Very nice.
If anyone ends up using it, and/or making improvements on it, please report
your experience to me or the list. Thanks.
___
NOTE: If there
Dave Williss wrote:
- Original Message -
From: Gary Funck [EMAIL PROTECTED]
To: mimedefang@lists.roaringpenguin.com
Sent: Sunday, April 16, 2006 6:34 PM
Subject: RE: [Mimedefang] Image validator/OCR SA plugin
Martin wrote:
But problably the spammers
will soon change their
Hi.
I'm submitting from a host behind a NATed gateway, so the
address that my machine things it is using when it says HELO [x.x.x.x.x]
if different from that which my local server is seeing.
The problem is that we check for address spoofing as a basic sanity
test... and it's failing (of
I've been thinking about this issue some more, and was
wondering...
Would it be easier to have to sendmail instances, one that
listens on 465 for authenticated email only, and then requeues
it locally by passing it onto the primary instance of sendmail,
which would apply mimedefang+spamassassin
I'm getting the following in my logs:
May 2 08:26:08 mail mimedefang-multiplexor[4571]: Slave 0 stderr:
auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot
create tmp lockfile
//.spamassassin/auto-whitelist.lock.mail.redfish-solutions.com.12480 for
I'm using port 465 and SSL for local submissions, and I'd like
to tweak either Mdf or SA (or both) so that if I forward (for
instance) a copy of a spam to someone outside, that I in
turn don't get my message rejected because it looks like spam.
Now, why isn't trusted_networks taking effect?
[EMAIL PROTECTED] wrote:
Philip Prindeville wrote:
Do we want to change the line:
if ($Features{SpamAssassin}) {
in mimedefang-filter, for instance, to skip this check if $auth_authen
is valid?
Yup. http://www.mimedefang.com/kwiki/index.cgi?SMTPAuth
Thanks. Should
I was wondering... Since MdF can be used to invoke SA, and it can
extract information from the headers such as a the envelope recipient
information... I was wondering about a lot of the ML's on
lists.sourceforge.net.
They get a lot of spam. Especially open forums like alsa-devel that you
Kees Theunissen wrote:
[snip]
This looks like SpamAssassin having trouble to determine the home dir
of the MIMEDefang (and SpamAssassin) user when the program is launched
at boot time from the FC4 startup scripts.
Adding the line export HOME=/path/to/defang/homedir/ (without quotes)
to the
Hi.
Been off working on other projects and hence haven't spent a lot of
attention to this list the last few months (sniff!), but I have more free
time lately (largely due to being made redundant, woo-hoo!).
Anyway, if these questions have been asked before, sorry.
A few issues/questions I was
David F. Skoll wrote:
Does Lotus Notes/Domino respect the Precedence: list header and not
send auto-replies? Does it avoid sending auto-replies if the
sender matches *-request, *-relay, *-owner, owner-*,
postmaster, mailer and mailer-daemon? Does it add an
Auto-Submitted: auto-replied header?
David F. Skoll wrote:
Philip Prindeville wrote:
HELO localhost.localdomain
from 192.150.1.3, then it will reject that the session... with a 5xx
message... and will also blacklist incoming connections from that
site for the next 4 hours... If another connection comes in from
I'm trying to do some stochastic analysis of stock spams and
figure out if there's a common fingerprint that can be used to
identify them...
But first, I'm bumping up against some Perl issues.
Seems that there aren't many modules out there that help
deconstruct Gif formats. I'm using
Whoa. There's a plethora of XML modules on CPAN for parsing/
generating XML. Some modules read on, others write only... I'm
looking for something that can do either, and stores the nodes in an
internal representation that makes for intuitive/tight notation in Perl.
Any recommendations?
David F. Skoll wrote:
Philip Prindeville wrote:
Any recommendations?
Why do you want to use XML? IMO, it's a solution looking for a problem.
Regards,
David.
Customer requirement.
Besides, it's Gconf manageable.
-Philip
___
NOTE
David F. Skoll wrote:
Philip Prindeville wrote:
Any recommendations?
Why do you want to use XML? IMO, it's a solution looking for a problem.
Regards,
David.
Anyone else have anything to add to this?
-Philip
___
NOTE
We were running FC3 on an x86_64 platform (good bang for the buck)
and decided to finally upgrade to FC5... except that the FC3 to FC4
upgrade path doesn't really work, so we had to backup our disks,
zap the system, install FC5 over it, and then copy back the content we
wanted to keep. Hopefully,
David F. Skoll wrote:
Philip Prindeville wrote:
Oh... and in digging around, I saw:
sub md_syslog ($$) {
my($facility, $msg) = @_;
[...]
Hmm... Klunky. What about:
sub md_syslog ($$;@) {
my($facility, $fmt, @args) = @_;
Except that now all callers
Damrose, Mark wrote:
[snip]
Yes.
http://lists.roaringpenguin.com/pipermail/mimedefang/2006-September/030880.html
The problem seems to be a combination of how MD initializes Sys::Syslog and
Fedora's syslogd
sub md_openlog ($$) {
my($tag, $facility) = @_;
$MDOpenLogCalled =
David F. Skoll wrote:
Philip Prindeville wrote:
Hmm. syslog() already has printf-style formatting... should the wrapper
occlude that functionality?
Yes, because it's superfluous in Perl. Just use variable interpolation
directly.
Doesn't work with hex, or floats, etc. obviously
David F. Skoll wrote:
Marco Meier wrote:
i think the mimedefang-filter manpage should be changed according to
this. It says: This lets you reject connections after the HELO/EHLO
SMTP command.. In fact, they aren't rejected right there.
Actually, I have a better idea: If I completely
David F. Skoll wrote:
Dirk the Daring wrote:
I don't have any problems with filter_helo. When it returns a REJECT,
the SMTP conversation does not seem to progress any further.
Really? Hmm...
Anyway, it's gone. I don't think the extra code is worth it.
Regards,
David.
David F. Skoll wrote:
Philip Prindeville wrote:
What if the milter interface were to evolve to have an additional
hook for other commands (like VRFY/EXPN/RTRN, etc) and
you wanted to base how you handled those commands on what
you had seen in the HELO?
It would be handled the same way
Cormack, Ken wrote:
[snip]
As you can see, I have turned off the actual rejection, since this caused
LOTS of problems just beginning today! I'm still logging the info, so that
come next week I can see what correlation there might be between the IP
addresses that get logged, and if there's a
[EMAIL PROTECTED] wrote:
[snip]
[EMAIL PROTECTED] bin]# service mimedefang start
Starting mimedefang-multiplexor: [ OK ]
Starting mimedefang: /bin/bash: line 1: 10811 Segmentation fault
/usr/bin/mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -m
[EMAIL PROTECTED] wrote:
[EMAIL PROTECTED] ~]# mimedefang -P /var/spool/MIMEDefang/mimedefang.pid -m
/var/spool/MIMEDefang/mimedefang-multiplexor.sock -R -1 -U defang -q -p
/var/spool/MIMEDefang/mimedefang.sock -x
Segmentation fault
[EMAIL PROTECTED] mimedefang]# mimedefang -U defang -p
I'm seeing the following in my logs:
Nov 19 11:49:39 mail mimedefang.pl[11501]: no rDNS: reject [207.220.83.13]
Nov 19 11:49:39 mail mimedefang.pl[11501]: filter_relay tempfailed host
207.220.83.13 ([207.220.83.13])
Nov 19 11:49:39 mail sendmail[15385]: kAJInd3l015385: Milter: connect:
Two things: first, you might need to tell gdb where to look
for the symbol file, with the file command or with an extra
argument from the shell when you start it up. second: your
stack is corrupt.
From #1 onwards, all of these are dumps are pointing into
text... Not stack.
If you decode the
Hmmm...
I run sendmail/cyrus-imapd/spamassassin/mimedefang on an
x86_64 machine (FC5 on an Athalon64 2800+) and it works fine.
To keep the mail server simple, however, I wanted to build
mimedefang-2.58 on a different machine, so I went ahead and
grabbed all of the dependencies.
I have to say, I
Philip Prindeville wrote:
I have to say, I was a bit configured. It seems that the build-time
dependencies have been muddled with the run-time dependencies.
Grrr... dropping big chunks of text. a bit confused on how it's
configured.
___
NOTE
1 - 100 of 250 matches
Mail list logo
