Hi Mark,
Thanks for the hint, but the CIDR style address is not working. It does
work if i use a single IP address.
This works
my(@myisp) = qw( 93.157.1.5 );
But if i use
my(@myisp) = qw( 93.157.1.0/8 );
It does not trigger....but i have made a few changes...maybe that is the
reason.
Now i use :
if ($cl_ip eq Amavis::Lookup::IP::lookup_ip_acl($cl_ip,@myisp))
instead of :
if ($cl_ip ne '' && Amavis::Lookup::IP::lookup_ip_acl($cl_ip,@myisp))
The way i want to design this mechanism is very clear now. If the isp
sends us a message, it must not being spam checked at our own servers.
If X-Spam = yes from last ISP mta , goto quarantaine
If no X-Spam from last ISP mta is present, do not spamcheck.
Everything else, normal spamcheck.
I have a couple of CIDR style addresses from our isp...
This is my final script... (I am almost there :-)
--------------------------------------------
package Amavis::Custom;
use strict;
BEGIN {
import Amavis::Conf qw(:platform :confvars c cr ca);
}
# invoked at child process creation time;
# return an object, or just undef when custom checks are not needed
sub new {
my($class,$conn,$msginfo) = @_;
my($self) = bless {}, $class;
my($xspam) = $msginfo->get_header_field_body('X-Spam-Flag',0);
my($cl_ip) = $msginfo->client_addr;
my(@myisp) = qw( 120.151.0.0/16 );
# Check if our isp is the mta
if ($cl_ip eq Amavis::Lookup::IP::lookup_ip_acl($cl_ip,@myisp)) {
if ($xspam =~ /^[ \t]YES/) {
$msginfo->add_contents_category(CC_SPAM,0);
for my $r (@{$msginfo->per_recip_data}) {
$r->add_contents_category(CC_SPAM,0);
$r->bypass_spam_checks(1);
}
}
# Our isp mta but no X-Spam-Flag
for my $r (@{$msginfo->per_recip_data}) {
$r->bypass_spam_checks(1);
}
}
$self; # returning an object activates further callbacks,
# returning undef disables them
}
1; # insure a defined return
--------------------------------------------
Mark Martinec wrote:
> Richard,
>
>> I have it working now, but an extra issue came up.
>>
>> We found out that more mta's put the "X-Spam-Flag" in their header, so i
>> want to use the amavisd-custom.conf , only if the message comes from our
>> isp.
>>
>> I have found a solution, I use :
>>
>> my($subj) = $msginfo->get_header_field_body('X-Spam-Flag',0);
>> my($from) = $msginfo->get_header_field_body('Received',0);
>>
>> and then
>>
>> if ($subj =~ /^[ \t]YES/) {
>> if ($from =~ /ourisp.com/) {
>
> Don't forget to quote dots in regexp.
>
>> This works great, but i was wondering, is it possible to create an if
>> statement, or something that looks like a policy bank in amavisd.conf,
>> like the following :
>>
>> @myisp = qw ( 10.20.0.0/16 64.20.10.0/16 );
>> $policy_bank{'MYISP'} = {
>> include_config_files('/etc/amavisd-custom.conf');
>> };
>
> Won't work for two reasons:
>
> - currently the lookup_ip_acl routine can only return a boolean,
> not a string (which would be useful to provide a policy bank name),
> so the IP-based policy bank loading is only currently available
> for @mynetworks, loading a MYNETS policy bank. This needs to be
> generalized/improved dome day.
>
> - include_config_files() is not a run-time feature. It is like a
> compiler's #include, either you have it in the code or you don't.
>
>> Maybe a policy bank is not the answer, but something like that.
>> So if an IP number from our isp sends the message to our MTA, only then
>> I do the quarantaine trick.
>>
>> Is something like this possible, or should i keep using the
>> amavisd-custom.conf the way i use it know.
>
> The IP address of a client is available to your code in a custom
> hook. Just make an 'if' around your code section, e.g.:
>
>
> my($cl_ip) = $msginfo->client_addr;
> my(@myisp) = qw( 192.0.2.200 192.0.2.201 192.0.2.0/25 );
> if ($cl_ip ne '' && Amavis::Lookup::IP::lookup_ip_acl($cl_ip,@myisp)) {
> # your code here
> }
>
>
> Mark
>
>
> -------------------------------------------------------------------------
> This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
> Build the coolest Linux based applications with Moblin SDK & win great prizes
> Grand prize is a trip for two to an Open Source event anywhere in the world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> AMaViS-user mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/amavis-user
> AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
> AMaViS-HowTos:http://www.amavis.org/howto/
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
