[Mimedefang] This one got a chuckle
Perhaps the easiest thing in the world to spoof is the Date: line, and yet some people manage to botch that up... Message-ID: [EMAIL PROTECTED] To: philipp_subx [EMAIL PROTECTED] Subject: =?ISO-2022-JP?B?GyRCJDwhQSRzJFYhIiU/JUAbKEI=?= =?ISO-2022-JP?B?GyRCJEAkaCJ2GyhCKF5eKXYbJEJCKDdoGyhC?= From: [EMAIL PROTECTED] [EMAIL PROTECTED] Date: 2006-01-12 15:30:04 Content-type: text/plain; charset= ISO-2022-JP Which reminds me... I need to start looking into how to add filters for non-latin1 email content... -Philip ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] action_replace_with_url() and let return a good filename
Hello, there is a post of Jeremy Mates passing filename data through action_replace_with_url() from 2003-06-06 regarding how to preserve the original filename and mime type as meta data in a .${sha1_hash}.${ext} file along with a perl module to read the information and slips the info into Apache. The function itself is working like charm a long time now, and I'd like to add the preserve the original filename feature as well. I have the impression that this module works without to setup a CGI, right? If so, how can I enable this in Apache2, do somebody have any pointers or links for it? Bye, -- Steffen Kaiser ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] validating 'possibly forged' helo IP's?
On a tempory rule basis, as nobody but nobody should allow the servers to patch themselves ,. look at the dmg this has done in the past ! Agreed. But getting a firewall manager to open the rule every time you want to get patches for the server will get you on their sh*t list. Windoze servers I have to deal with download, but do not install the patches automatically. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] limiting SA's RBL timeouts
Joseph, I see that are doing RBL lookups through Mimedefang (as per your posting). I am running Mimedefang and SA and would like to switch RBL lookups to go through Mimedefang instead of SA. Would you be willing to post your section of your mimedefang-filter so that I can see how you are doing that? I realize it is also in the man pages, but I am not particularly good at PERL and it would help me greatly if I could see a real life example. Thanks, Theresa ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] This one got a chuckle
From: Philip Prindeville Sent: Friday, January 13, 2006 12:44 AM Which reminds me... I need to start looking into how to add filters for non-latin1 email content... If you're using Spamassassin, you can tell it which locales and languages you expect, http://spamassassin.apache.org/full/3.0.x/dist/doc/Mail_SpamAssassin_Conf.ht ml For example, this should catch most European (Latin) dialects: ok_languages en fr it es de ok_locales en We place this sort of local configuration info. in local.cf along with other driectives like trusted_networks, whitelists, and local overrides of rule scores. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] building a caching dns to keep uri blacklist lookups
I just got done talking with an engineer from a spam filter company that mentioned there is a way for uri's to be saved to the local caching dns so the next lookup will be local. I just thought having a local dns would do that. Did I miss something in my setup? If so, what do I need to change? Thanks again for everyone's help on getting this up and running. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Starting work on adding filter_helo to mimedefang
I remember seeing something that there's a bug in sendmail that might stop a filter_helo from working. Anyone have the specifics of this? Like what the behavior is, and in what version of sendmail it was fixed? I'm running 8.13.1 on FC3, and Mimedefang 2.54. I'll post the patch for testing when I'm satisfied it's stable. -Philip ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Patch to mimedefang...
I'd like to propose the following patch, as a prequel to the posting of an amended mimedefang-filter on the Wiki... --- redhat/mimedefang-spec.in.bak 2004-09-21 19:50:36.0 -0600 +++ redhat/mimedefang-spec.in 2006-01-13 15:51:55.0 -0700 @@ -138,16 +138,17 @@ Release: #RELEASE# License: GPL Group: Networking/Mail Source0: http://www.roaringpenguin.com/%{name}/%{name}-%{version}#BETA#.tar.gz Url: http://www.roaringpenguin.com/%{name} Vendor:Roaring Penguin Software Inc. Buildroot: %{_tmppath}/%{name}-root Requires: sendmail 8.12.0 Requires: perl-Digest-SHA1 perl-MIME-tools perl-IO-stringy perl-MailTools +Requires: perl-Net-CIDR-Lite BuildRequires: sendmail-devel 8.12.0 BuildRequires: perl-Digest-SHA1 perl-MIME-tools perl-IO-stringy perl-MailTools %description MIMEDefang is an e-mail filter program which works with Sendmail 8.11 and later. MIMEDefang filters all e-mail messages sent via SMTP. MIMEDefang splits multi-part MIME messages into their components and potentially deletes or modifies the various parts. It then ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] validating 'possibly forged' helo IP's?
-Original Message- From: Mack [mailto:[EMAIL PROTECTED] Sent: 13 January 2006 23:20 To: mimedefang@lists.roaringpenguin.com Subject: RE: [Mimedefang] validating 'possibly forged' helo IP's? It's a cath 22 really, how many fw/admins will configure to only d/load from MS IP's ? (none i bet) so it gives the if the patch can be d/loaded, so can anything else should the server be compromised ! But then, why run windoze servers on the inet, !! only valid reason i can think of these days is sun bought chillisoft (asp emulator for apache) which cost a damn fortune! (oh and asp.net sucks big time! - hell paul allen (or the MS guy who just did the PDP emu site on .net) can't even make his site SQL safe!) But anyway, not the list for such discuission, so i guess closing it from this ! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of [EMAIL PROTECTED] Sent: 13 January 2006 13:53 To: mimedefang@lists.roaringpenguin.com Subject: RE: [Mimedefang] validating 'possibly forged' helo IP's? On a tempory rule basis, as nobody but nobody should allow the servers to patch themselves ,. look at the dmg this has done in the past ! Agreed. But getting a firewall manager to open the rule every time you want to get patches for the server will get you on their sh*t list. Windoze servers I have to deal with download, but do not install the patches automatically. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang This Email Has Been Anti-Virus Scanned ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
On Fri, 2006-01-13 at 15:54 -0700, Philip Prindeville wrote: I'd like to propose the following patch, as a prequel to the posting of an amended mimedefang-filter on the Wiki... If your changes are only going on the Wiki, then adding a Requires to the mimedefang package is incorrect. Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Patch to mimedefang...
If your filter example post to the Wiki requires Net-CIDR-Lite, state that in your Wiki entry. Those who want to use your code can load the module. IMHO, the spec file, should only require packages that are truly required by MIMEDefang, not packages that are popular extras in local filters. -Original Message- From: Philip Prindeville I'd like to propose the following patch, as a prequel to the posting of an amended mimedefang-filter on the Wiki... +Requires: perl-Net-CIDR-Lite ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
Richard Laager wrote: On Fri, 2006-01-13 at 15:54 -0700, Philip Prindeville wrote: I'd like to propose the following patch, as a prequel to the posting of an amended mimedefang-filter on the Wiki... If your changes are only going on the Wiki, then adding a Requires to the mimedefang package is incorrect. Richard I'm hoping that the .spec changes will mesh with the support for filter_helo and the basic scripting for it that will be in the future release that includes it. -Philip ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
Philip Prindeville wrote: I'm hoping that the .spec changes will mesh with the support for filter_helo and the basic scripting for it that will be in the future release that includes it. filter_helo is one thing, but adding a dependency on Net::CIDR::Lite is probably not in the cards. One of the biggest complaints from people who've tried MIMEDefang is the number of Perl modules it requires. I really hesitate to make another absolute dependency; I'd rather continue to use the mechanism in detect_and_load_perl_modules to discover modules at run-time and enable bits of functionality based on what is discovered. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
Well, the question then becomes is should the shipped .spec file support all of the example config files and scripts as well? -Philip Damrose, Mark wrote: If your filter example post to the Wiki requires Net-CIDR-Lite, state that in your Wiki entry. Those who want to use your code can load the module. IMHO, the spec file, should only require packages that are truly required by MIMEDefang, not packages that are popular extras in local filters. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] Patch to mimedefang...
Philip wrote: Well, the question then becomes is should the shipped .spec file support all of the example config files and scripts as well? I think of the example config files and scripts as serving suggestions whose caloric content is not included in the nutrition facts. ;) -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
No. MD is a framework and an Opensource one at that. People looking for a cookie cutter approach who don't know perl should by CanIt. Well, the question then becomes is should the shipped .spec file support all of the example config files and scripts as well? ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Possibility to run network test and local test on spam together?
Hi there, Details: Sendmail-8.13.5 + MIMEDefang-2.54 + Mail-Spamassassin-3.10 + ClamAV-0.88 Network tests: Razor + Pyzor + DCC with SALocalTestsOnly=0 in my sa-mimedefang.cf My Question: 1. Is it worth or possible to run local test like (RulesDuJour http://www.exit0.us/index.php?pagename=RulesDuJour) in parallel to the network test? 2. If fessible, how should I deal with the parameter setting of SALocalTestsOnly=0 ? Thx mate Simon ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Patch to mimedefang...
David F. Skoll wrote: filter_helo is one thing, but adding a dependency on Net::CIDR::Lite is probably not in the cards. One of the biggest complaints from people who've tried MIMEDefang is the number of Perl modules it requires. I really hesitate to make another absolute dependency; I'd rather continue to use the mechanism in detect_and_load_perl_modules to discover modules at run-time and enable bits of functionality based on what is discovered. I suppose for people using RPM's with yum or smart, it might be different. For us, it's nicer to have a flat, fixed, known list of dependencies and be able to plan around that. With dynamic capabilities based on run-time determination, things have a habit of silently stopping working when needed packages get left out, etc. and you can't figure out why. So much nicer when something just complains and dies. Then at least you know what you're looking at. -Philip ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang