Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
Jerry wrote: If not, would this syntax work in the clamav-milter.conf file? SkipAuthenticated ^(m...@hostname.mydomain.net \ y...@hostname.mydomain.net \ ot...@hostname.mydomain.net)$ Unfortunately not. The feature was requested by a single person (who also provided a draft patch to whitelist *all* auth'ed users). I took the idea and made it use a regex as i thought it would allow to whitelist things like @domain with ease. If this doesn't work for you (i can certainly see why) then please open a ticket on the bugzilla to optionally make it read entries from a file. When time permits I'll work on that. -aCaB ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 12:06:45 +0200 aCaB aca...@digitalfuture.it wrote: Jerry wrote: If not, would this syntax work in the clamav-milter.conf file? SkipAuthenticated ^(m...@hostname.mydomain.net \ y...@hostname.mydomain.net \ ot...@hostname.mydomain.net)$ Unfortunately not. The feature was requested by a single person (who also provided a draft patch to whitelist *all* auth'ed users). I took the idea and made it use a regex as i thought it would allow to whitelist things like @domain with ease. If this doesn't work for you (i can certainly see why) then please open a ticket on the bugzilla to optionally make it read entries from a file. When time permits I'll work on that. -aCaB Thanks, I will do that. I certainly would not want to white-list all authenticated users, so using @domain would probably be overkill, although I can see the usefulness of the concept for other users. The option to white-list all authenticated uses without listing each user individually might be a good option for the milter. Personally, I would prefer to maintain a separate file to make maintaining the list easier. How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. -- Jerry ges...@yahoo.com Where you stand depends on where you sit. -- Rufus Miles, HEW ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
Jerry wrote: How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. -aCaB ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 18:56:59 +0200 aCaB aca...@digitalfuture.it wrote: [snip] That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. Thanks, I was not aware of the problem with libmilter. -- Jerry ges...@yahoo.com Imitation is the sincerest form of television. Fred Allen ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009, aCaB wrote: Jerry wrote: How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. -aCaB The sendmail way would be to add these whitelist entries into the access database. This method would only require re-hashing the berkeley database. Ted ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 12:32:49 -0500 (CDT) Ted Hatfield t...@pat.io.com wrote: [snip] The sendmail way would be to add these whitelist entries into the access database. This method would only require re-hashing the berkeley database. That is similar to how Postfix handles databases that are frequently modified. I concur that it would seem like excellent solution to the problem. -- Jerry ges...@yahoo.com What is irritating about love is that it is a crime that requires an accomplice. Charles Baudelaire ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
[Clamav-users] Configuring SkipAuthenticated users in clamav-milter
I have several user names that I want to whitelist as authenticated SMTP users. I am using Postfix as my MTA on a FreeBSD-7.2 system. This is a snippet from the clamav-milter.conf file: # Messages from authenticated SMTP users matching this extended POSIX # regular expression (egrep-like) will not be scanned. # Note: this is the AUTH login name! # # Default: unset (no whitelisting based on SMTP auth) #SkipAuthenticated ^(tom|dick|henry)$ This is from the maillog file. I have obviously obfuscated some of the information. Aug 27 12:21:38 hostname postfix/smtpd[13248]: 43F6922848: client=localhost[127.0.0.1], sasl_method=LOGIN, sasl_username...@hostname.mydomain.net Since I have several 'authenticated' users that I want to skip checking on, would it be possible to put them into a file rather than list them in the clamav-milter.conf file? If so, what would the correct syntax be? If not, would this syntax work in the clamav-milter.conf file? SkipAuthenticated ^(m...@hostname.mydomain.net \ y...@hostname.mydomain.net \ ot...@hostname.mydomain.net)$ I assuming that I have enter the SASL user name the same way that Postfix is displaying it in the maillog. -- Jerry ges...@yahoo.com A man was reading The Canterbury Tales one Saturday morning, when his wife asked What have you got there? Replied he, Just my cup and Chaucer. ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml