Am 24.03.2013 15:28, schrieb James Curtis:
>>> md_graphdefang_log('spamhaus', $hits, $RelayAddr);
[...]
>>> # the reject works, but graphdefang log shows the Subject instead of Relay
>>> address
[...]
> Mar 24 09:44:06 monitor mimedefang.pl[15805]:
> MDLOG,r2ODhv3a027039,spamhaus,,31.16.181.217,<[email protected]>,<[email protected]>,Huge
> 83%25 discount for sandseatravel
You are reading this wrong. Quoting the manpage for mimedefang-filter:
md_graphdefang_log($event, $v1, $v2)
Logs an event with up to two optional additional parameters.
The log message has a specific format useful for graphing
tools; the message looks like this:
MDLOG,msgid,event,v1,v2,sender,recipient,subj
So your log entry contains:
- the fixed string MDLOG,
-- just as promised by the manpage
- msgid = r2ODhv3a027039,
-- a plausible message ID
- event = spamhaus,
-- as you specified
- v1 = empty,
-- unsurprisingly, as you passed $hits which is never set in your filter
- v2 = 31.16.181.217,
-- a plausible relay IP address
- sender = <[email protected]>,
- recipient = <[email protected]>,
- subj = Huge 83%25 discount for sandseatravel
-- all quite plausible
To me that looks like everything's working fine.
> I guess I need a mimedefang-filter and Perl for dummies book.
> Is there a place I can find such a document?
I seem to remember a book "Perl for Dummies" actually exists.
The best approximation to "mimedefang-filter for Dummies" is
probably this mailinglist. :-)
> How do I know what outputs a command will produce when called so I can base
> an if rule against it?
The mimedefang-filter manpage would be the canonical source for that.
> I just now realized that the unknown user reports are because I had to enable
> the recipient filter on the internal server, so that explains why the bounces
> are going out.
Yes, that makes more sense.
> But I really want it to check before sending so it doesn't accept, instead of
> bounce.
Sure, that's the way it can and should be done. Bounces are to
be avoided whenever possible.
I'm doing something similar on a mail server serving several
domains, some local and some relayed. My filter_recipient just
contains, for each relayed domain:
if ($recipient =~ /[@.]relayeddoma\.in>?$/i) {
return md_check_against_smtp_server($sender, $recipient, $helo,
'mail.relayeddoma.in');
}
ie. it just passes on the result of md_check_against_smtp_server
without even looking at it. This works for me because (a)
md_check_against_smtp_server's return value is designed to be a
valid return value for filter_recipient, and (b) I don't need to
do any further checks or actions on relayed mails in
filter_recipient after md_check_against_smtp_server.
If do you need to do more in filter_recipient after
md_check_against_smtp_server has returned "OK" you'll have
to assign its result to a variable and check it with
appropriate if statements. But I'd recommend against that.
SpamAssassin and virus checking belong in filter_end, and
additional logging doesn't add anything useful IMHO.
So if you relay *all* mails to <internal private address>,
your filter_recipient could in fact be as simple as:
sub filter_recipient
{
my($recip, $sender, $ip, $host, $first, $helo, $rcpt_mailer,
$rcpt_host, $rcpt_addr) = @_;
return md_check_against_smtp_server($sender, $recip,
"<filter serverexternal DNS name>", "<internal private address>");
}
HTH
T.
--
Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany
signature.asc
Description: OpenPGP digital signature
_______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
