Re: [Mimedefang] Change subject according to string match in body

Wed, 20 Jan 2010 00:46:10 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 19 Jan 2010, Johan Lundberg wrote:

Primary, follow the advice of Dave and move your check into filter().
During this phase the module variables (globally defined varables
in mimedefang-filter) are shared, hence, you can prepare the check in
filter_begin(), e.g. open log file, prepare the condition when to search
for the pattern, do the subject check etc, and end it in filter_end(),
e.g close the log file.

If you read INPUTMSG directly, you have to deal with MIME encoding etc,
hence, I would go the filter() route.

BTW: because multiple MIMEDefang processes may run simultaneously,
you might loose log info. You should use Syslog.


sub filter_end {
*snip* *snip*
   # Search for "pattern" in the mail body
   # and prepend subject with [See Me].
   my $sender = $entity->head->get('From',0);
Well, there is $Sender, which is the envelope MAIL FROM, which probably differs from the header. BTW: There is probably no From header. 


   if ($sender =~ /examp...@example\.com/) {


I guess, you want to check anchored regex:
    if ($sender =~ /\A(examp...@example\.com|..)\z/) {


       my $subject = $entity->head->get('Subject',0);


Already in $Subject


       if ($subject =~ /pattern/i) {
           print INFO "Subject hit: Subject changed!\n";
           action_change_header('Subject', "[See Me]$subject");
       } else {
           my $body = $entity->bodyhandle;
I'm not sure, if this works with multipart MIME messages, at least you would need some checks. 


           my $IO = $body->open("r");
           while (defined($_ = $IO->getline)) {
               if (/pattern/i) {
                   print INFO "Body hit: Subject changed!\n";
                   print INFO "Body line: $_\n";
                   action_change_header('Subject', "[See Me]$subject");
                   last;
               }



BTW: If you use SpamAssassin, you can create your own rule, score it with
"0.0" - so the SPAM score is not changed - and check the matched rules for your one. 

Regards,
- -- Steffen Kaiser 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iQEVAwUBS1a+7UgddVksjRnHAQLvMQf/QjJcAYJZ8nqGKDFW4G8h3n2kPmLyKDBY
xSH84+oT/zXdtBtpfB1w6C9mw5aI6tperG16GcmkwMy1rLlVCiIzDuuPQD6PUCFf
Wb+/lhuWvcEf63mlTWDtBJw8q5mmRrze6fhhK3Lvnpe7bnHU0ZS0q+YMAcNAlYWe
G7qt7Lmy+hNvN6uAsxv32VVqAytGO6Ro7IHz5LfWL5RSOeGjZGplD3JdupI97kzu
uamxAwvmfZ6ZPPI0MHlHpd7hPyOrx3w78RzKk8Y2vVciRnuiH3JtUpmi39hiiR30
rA1FZhmOM41FmeFDwbMTYxOF4wvhNhQh2z39ibTLT5iltajnpi5KoA==
=iU51
-----END PGP SIGNATURE-----
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Reply via email to