> AM.PDP protocol does not support modifications to mail body, > which is why defanging with AM.PDP/milter has no effect. > In principle the protocol could be extended to provide it, > but there is not much point transferring message back and > forth across a milter protocol and then again cross AM.PDP > protocol, when doing the same over SMTP already provides the > functionality.
Yes, but is there an alternative that will permit rejection of messages? A dual SMTP setup will only let you bounce them. Bouncing viruses or spam is not the best way to go, however losing mail isn't very acceptable either. Rejection in my opinion is the way to go for these types of messages. So, unless I'm mistaken, while doing the same over SMTP provides the functionality; doing it over SMTP does not provide the same functionality as a milter. With the absence of alternatives for rejection, doesn't it make sense to extend AM.PDP to include modification of the body? Mark Martinec wrote: > Jonathan, > >> Using the following options, the messages are being passed, >> but not defanged: >> $final_banned_destiny = D_PASS; >> $defang_banned = 1; > >> Option 1 works well for local hosts. FYI this document is >> geared to postfix. I'm using sendmail with amavisd-milter. > > AM.PDP protocol does not support modifications to mail body, > which is why defanging with AM.PDP/milter has no effect. > In principle the protocol could be extended to provide it, > but there is not much point transferring message back and > forth across a milter protocol and then again cross AM.PDP > protocol, when doing the same over SMTP already provides the > functionality. > >> The option still works though. Amavisd-milter must be passing >> the IP to amavis-new. > > It is. > >> Option 10, I think, will be more difficult (authenticated non-local >> hosts). I'm using TLS on ports 25 and 2500, and SSL on ports 465 and >> 4650. I know milters have the capability of determining whether or not >> someone authenticated because there is Milter Macro for it called >> auth_authen. Another milter I use, milter-greylist uses this to >> determine if the user authenticated and to not delay them if they have. >> >> Does amavis-new have the capability of picking up on this? Would it be >> appropriate for it to be able to do so if used in conjunction with >> amavisd-milter? If so, I could ask the amavisd-milter developers to add >> support for it. > > Currently there is no capability to pass additional information from > amavisd-milter to amavisd over AM.PDP, although adding another attribute > to the protocol is quite straightforward. Amavisd could then switch > policy banks based on a value of such new attribute. It should not be > much work on the amavisd side. The code would go to sub check_amcl_policy, > see there for example on how it loads policy bank MYNETS (and/or MYUSERS) > based on passed client IP address (or sender address). > > One possibility is to place most of decision making into amavisd-milter, > in which case an attribute/value pair like: policy_bank=BANKNAME > would do. > > Alternatively, amavisd-milter could pass additional bits and pieces of > information to amavisd (like a value of some MTA macro, or info in SASL > authentication), then add code to amavisd to decide if it wants to > load some policy bank based on such information. > > Mark > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys -- and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > AMaViS-user mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/amavis-user > AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 > AMaViS-HowTos:http://www.amavis.org/howto/ ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ AMaViS-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/
