Re: [Mimedefang] URIBL/SURBL support

2006-11-27 Thread Richard Laager
On Tue, 2006-11-21 at 10:13 -0500, Joseph Brennan wrote:
>
> --On Monday, November 20, 2006 12:56 -0800 Kelsey Cummings
> [EMAIL PROTECTED] wrote:
>
> > Has anyone written up generic URIBL or SURBL specific support for MD
> > outside of using SpamAssassin?  Mind sharing?
>
> First you have to parse the URL out of text.  That's fun.  This
> works most of the time for plain text parts.

I use SpamAssassin's URL parsing for this. It's possible to do that
without running the SpamAssassin tests. While complex, this makes a huge
difference in terms of CPU power required.

However, why not just run the SURBL stuff via SpamAssassin?

Richard



___
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang


Re: [Mimedefang] Skipping SA on TLSMTA connections?

2006-11-27 Thread Joseph Brennan


Vladimír Solnick? [EMAIL PROTECTED] wrote:


! if ($Features{SpamAssassin}  $SendmailMacros{'daemon_name'} ne
'TLSMTA') {
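
Review bot: the condition on the `!` line decides whether SpamAssassin runs from `$SendmailMacros{'daemon_name'} ne 'TLSMTA'`, which identifies the listener that accepted the connection and says nothing about who the sender is, so it should test for an authenticated session instead, for example `defined($SendmailMacros{auth_type})`. As shown, `$Features{SpamAssassin}` and the `daemon_name` comparison also have no operator between them, so the line will not compile until a logical operator (presumably `&&`) joins the two terms.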




That's the wrong test.  Any host on the net could use TLS to send
you mail.  You probably want to exclude mail sent with smtp auth...

   if (defined($SendmailMacros{auth_type}))

You might also exclude mail from localhost, mail from any other hosts
you run that require login to send mail, and mail to your abuse and
security addresses.

Joseph Brennan
Lead Email Systems Engineer
Columbia University Information Technology
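
The exclusions suggested in the message above, written out as a stand-alone Perl function (an added example, not code from the thread or from MIMEDefang). The function name, the trusted-relay and role-address tables, and the sample connections are assumptions made for illustration; the arguments mirror MIMEDefang's `%SendmailMacros`, `$RelayAddr` and `@Recipients`.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical site policy (assumptions): adjust to your hosts and role addresses.
my %TRUSTED_RELAYS    = map { $_ => 1 } ('127.0.0.1', '::1');
my %EXEMPT_LOCALPARTS = map { $_ => 1 } ('abuse', 'security');

# $macros: hashref shaped like %SendmailMacros; $relay: connecting IP;
# $rcpts: arrayref of envelope recipients such as '<user@example.com>'.
# Returns a reason string when the spam check can be skipped, undef otherwise.
sub skip_spam_check_reason {
    my ($macros, $relay, $rcpts) = @_;

    # auth_type is set only after a successful SMTP AUTH; TLS alone never sets it.
    return "smtp auth ($macros->{auth_type})"
        if defined $macros->{auth_type} && length $macros->{auth_type};

    return "trusted relay $relay"
        if defined $relay && $TRUSTED_RELAYS{$relay};

    # Design choice of this example: exempt only when every recipient is a role
    # address, so adding abuse@ beside real users does not bypass scanning.
    my @rcpt   = @{ $rcpts || [] };
    my $exempt = grep {
        my ($local) = lc($_) =~ /^<?([^\@>]+)\@/;
        defined $local && $EXEMPT_LOCALPARTS{$local};
    } @rcpt;
    return 'role-address recipients only' if @rcpt && $exempt == @rcpt;

    return;
}

# Constructed sample connections: [ macros, relay address, recipients ].
my @cases = (
    [ { daemon_name => 'TLSMTA' }, '192.0.2.10', ['<user@example.com>'] ],
    [ { daemon_name => 'MSA', auth_type => 'PLAIN' }, '192.0.2.20', ['<user@example.com>'] ],
    [ { daemon_name => 'MTA' }, '127.0.0.1', ['<user@example.com>'] ],
    [ { daemon_name => 'MTA' }, '192.0.2.30', ['<Abuse@example.com>'] ],
    [ { daemon_name => 'MTA' }, '192.0.2.30', ['<abuse@example.com>', '<user@example.com>'] ],
);
for my $c (@cases) {
    my $why = skip_spam_check_reason(@$c);
    printf "%-7s %-11s %-40s %s\n", $c->[0]{daemon_name}, $c->[1],
        join(',', @{ $c->[2] }), defined $why ? "skip: $why" : 'scan';
}
```

In a filter this would be called as `skip_spam_check_reason(\%SendmailMacros, $RelayAddr, \@Recipients)`, running the SpamAssassin check only when it returns undef. The `auth_type` test works only if sendmail is configured to pass that macro to the milter.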






Re: [Mimedefang] Question about mimedefang-filter

2006-11-27 Thread WBrown
> Not to mention legit words that contain blacklisted words.  Looking for
> cialis will trigger on specialist, for instance.

Best one I ran into was someone who no longer got replies when emailing
his boss after he added his title of Analyst to his sig block and
started hitting the existing simple rule in his client to delete emails
with a certain 4 letter word in it.


Re: [Mimedefang] URIBL/SURBL support

2006-11-27 Thread Kelsey Cummings
On Mon, Nov 27, 2006 at 01:16:55AM -0700, Richard Laager wrote:
> On Tue, 2006-11-21 at 10:13 -0500, Joseph Brennan wrote:
> >
> > --On Monday, November 20, 2006 12:56 -0800 Kelsey Cummings
> > [EMAIL PROTECTED] wrote:
> >
> > > Has anyone written up generic URIBL or SURBL specific support for MD
> > > outside of using SpamAssassin?  Mind sharing?
> >
> > First you have to parse the URL out of text.  That's fun.  This
> > works most of the time for plain text parts.
>
> I use SpamAssassin's URL parsing for this. It's possible to do that
> without running the SpamAssassin tests. While complex, this makes a huge
> difference in terms of CPU power required.
>
> However, why not just run the SURBL stuff via SpamAssassin?

Mostly because I don't have SpamAssassin installed on my MX servers where
MD is running and it is a lot of overhead for such a limited test.

-- 
Kelsey Cummings - [EMAIL PROTECTED]  sonic.net, inc.
System Architect  2260 Apollo Way
707.522.1000  Santa Rosa, CA 95407


RE: [Mimedefang] URIBL/SURBL support

2006-11-27 Thread Damrose, Mark
> -Original Message-
> From: Joseph Brennan
>
> # check it
> my $resolver = new Net::DNS::Resolver;
> $resolver->tcp_timeout(10);
> $resolver->port(530);
> my $query = $resolver->query($domainname);

Quick question.
Why is the port 530?  Are you running a local rsync of surbl using
rbldnsd?

For those using public DNS resolution, that should be 53 (or not set),
right?



[Mimedefang] get tests including scores from SA

2006-11-27 Thread Sven Schuster

Hello everybody,

I'm using Mimedefang 2.58 on a Redhat ES4 based system with SpamAssassin
3.1.7. What I'd like to do is get the SpamAssassin tests including the
per-test scores (via SA's ->get_tag('TESTSSCORES', ',')). To get this
tag, I currently modify the function spam_assassin_check() in
mimedefang.pl to additionally fetch this tag.
My question is, is it possible to get this tag in mimedefang-filter
without having to modify mimedefang.pl?? I'd rather not have to touch
mimedefang.pl every time I do an upgrade, but have my modifications
in mimedefang-filter. Perhaps it might be possible to make the
Mail::SpamAssassin::PerMsgStatus object which is the result of calling
spam_assassin_check globally accessible in future versions of
Mimedefang for more flexible access to the SA tags??


Thanks in advance,

Sven

-- 
Linux zion.homelinux.com 2.6.18-1.2849.fc6xen #1 SMP Fri Nov 10 13:56:52 EST 
2006 i686 athlon i386 GNU/Linux
 22:34:49 up 11 days, 23:52,  1 user,  load average: 0.01, 0.19, 0.22




Re: [Mimedefang] get tests including scores from SA

2006-11-27 Thread David F. Skoll
Sven Schuster wrote:

> My question is, is it possible to get this tag in mimedefang-filter
> without having to modify mimedefang.pl??

Sure.  It's not written in stone that you have to use
spam_assassin_check().  If you'd rather, you can call spam_assassin_status(),
which returns the Mail::SpamAssassin::PerMsgStatus object.  You can then
manipulate that as desired.

See man mimedefang-filter

Regards,

David.


Re: [Mimedefang] get tests including scores from SA

2006-11-27 Thread Sven Schuster

Hi David,

On Mon, Nov 27, 2006 at 04:56:55PM -0500, David F. Skoll told us:
> Sure.  It's not written in stone that you have to use
> spam_assassin_check().  If you'd rather, you can call spam_assassin_status(),
> which returns the Mail::SpamAssassin::PerMsgStatus object.  You can then
> manipulate that as desired.

thanks for this really fast answer!
Of course you are right, I just thought something like that some
seconds after hitting y in mutt to send the mail ;-)
Little bit too late here in .de for doing something productive...


Thanks,

Sven, he who goes to bed now

> See man mimedefang-filter
>
> Regards,
>
> David.

-- 
Linux zion.homelinux.com 2.6.18-1.2849.fc6xen #1 SMP Fri Nov 10 13:56:52 EST 
2006 i686 athlon i386 GNU/Linux
 23:10:34 up 12 days, 28 min,  1 user,  load average: 0.16, 0.46, 0.45




Re: [Mimedefang] get tests including scores from SA

2006-11-27 Thread John Rudd

Sven Schuster wrote:
> Hi David,
>
> On Mon, Nov 27, 2006 at 04:56:55PM -0500, David F. Skoll told us:
> > Sure.  It's not written in stone that you have to use
> > spam_assassin_check().  If you'd rather, you can call spam_assassin_status(),
> > which returns the Mail::SpamAssassin::PerMsgStatus object.  You can then
> > manipulate that as desired.
>
> thanks for this really fast answer!
> Of course you are right, I just thought something like that some
> seconds after hitting y in mutt to send the mail ;-)
> Little bit too late here in .de for doing something productive...




I actually use the report that spam_assassin_check() returns, and sift 
out the lines that refer to tests.  I end up with something like this:


X-SpamCheck: Yes, score=5.969 required=5 tests=BAYES_99, HTML_90_100, HTML_MESSAGE, MIME_HTML_ONLY, MSGID_FROM_MTA_HEADER, MSGID_FROM_MTA_ID, NO_REAL_NAME
X-SpamScore: s
X-SpamReport: 0.0 MSGID_FROM_MTA_HEADER  Message-Id was added by a relay
X-SpamReport: [score: 1.]
X-SpamReport: 3.5 BAYES_99   BODY: Bayesian spam probability is 99 to 100%
X-SpamReport: 0.0 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
X-SpamReport: 0.0 HTML_MESSAGE   BODY: HTML included in message
X-RUDD-CC-SpamReport: 0.1 HTML_90_100BODY: Message is 90% to 100% HTML
X-SpamReport: 1.4 MSGID_FROM_MTA_ID  Message-Id for external message added locally
X-SpamReport: 1.0 NO_REAL_NAME   From: does not include a real name



(currently, the X-SpamReport headers are in reverse order, which is why 
the bayes [score: line is above the BAYES_99 line instead of after it; 
I have a new version of the code for this in testing, but not yet in 
production)


I'll post the subroutine I use for this after I make that leap.  It 
literally just takes a header name variable and the $report result, from 
spam_assassin_check(), as arguments.


generate_report_headers("X-SpamReport", $report);

It's not the same as having the scores in the test SpamCheck header, but
I like it this way better, as I also get to see the test explanations.






Re: [Mimedefang] get tests including scores from SA

2006-11-27 Thread John Rudd

John Rudd wrote:
> Sven Schuster wrote:
> > Hi David,
> >
> > On Mon, Nov 27, 2006 at 04:56:55PM -0500, David F. Skoll told us:
> > > Sure.  It's not written in stone that you have to use
> > > spam_assassin_check().  If you'd rather, you can call
> > > spam_assassin_status(),
> > > which returns the Mail::SpamAssassin::PerMsgStatus object.  You can then
> > > manipulate that as desired.
> >
> > thanks for this really fast answer!
> > Of course you are right, I just thought something like that some
> > seconds after hitting y in mutt to send the mail ;-)
> > Little bit too late here in .de for doing something productive...
>
> I actually use the report that spam_assassin_check() returns, and sift
> out the lines that refer to tests.

...

> I'll post the subroutine I use for this after I make that leap.  It
> literally just takes a header name variable and the $report result, from
> spam_assassin_check(), as arguments.
>
> generate_report_headers("X-SpamReport", $report);




Here's the code (I had misremembered the subroutine name, though).  If 
anyone has suggestions for improvements, let me know.



sub add_spam_report_headers {
   my $headername = shift(@_);
   my $report = shift(@_);
   my (@repin, $temp);

   # Drop everything up to and including the "Content analysis details:"
   # line; stop if the report has no such line.
   @repin = split(/\n/, $report);
   while (@repin && $repin[0] !~ /Content analysis details:/) {
      shift(@repin);
      }
   shift(@repin);

   for (my $i = 0; $i <= $#repin; $i++) {
      $temp = $repin[$i];
      $temp =~ s/^\s+//;
      $temp =~ s/\s+$//;
      # Skip blank lines, the dashed rule, and the column-heading line.
      if ( ($temp ne "") &&
           ($temp !~ /^(\-|\s)+$/) &&
           ($temp !~ /^pts\s+rule\s+name\s+description$/) ) {
         action_add_header($headername, $temp);
         }
      }
   }
