Re: [Mimedefang] Relayed emails can't be filter!
--On June 13, 2014 21:58:03 +0700 Cương Bùi wrote: Hi David, Could you tell me why? I read sendmail configuration, this kind of use is normal. Such as default pool dir in sendmail is /var/spool/mqueue for mta (Ubuntu). Milters work while sendmail processes incoming messages. The procedure you are using bypasses that step. It is NOT normal to put files directly into mqueue. Every application I am familiar with forks a sendmail process or connects to port 25 localhost. Joseph Brennan Columbia University Information Technology ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hello, > MIMEDefang can check the message during relay phase. This is the > ability of Milter. We have answered your questions to the best of our ability. Please do not post any followups on this list; the topic is closed. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi David, The message in spool dir is just the source, it's not the destination. It will be sent out to the world. So I want to use Milter MIMEDefang to do something on message before going out. On 6/13/2014 10:09 PM, David F. Skoll wrote: On Fri, 13 Jun 2014 21:58:03 +0700 Cương Bùi wrote: Could you tell me why? The Sendmail milter implementation only allows filtering for mail that comes into the MTA via SMTP. Once a message is in the queue, it's too late. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
On Fri, 13 Jun 2014 21:58:03 +0700 Cương Bùi wrote: > Could you tell me why? The Sendmail milter implementation only allows filtering for mail that comes into the MTA via SMTP. Once a message is in the queue, it's too late. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi David, Sendmail running in background and checking its spool dir periodically for deliver , and starting its sending (depend on routing configuration such as direcly or relay). In my case, it's relay. MIMEDefang can check the message during relay phase. This is the ability of Milter. I see this flow in MIMEDefang slides from their website. This is all my understanding. Is it right? On 6/13/2014 9:42 PM, David F. Skoll wrote: On Fri, 13 Jun 2014 21:32:18 +0700 Cương Bùi wrote: I've done some tests. I found that OpenEMM just creates email files and puts it into queue. Well, you need to get OpenEMM not to do that. MIMEDefang can only see messages that come in via SMTP. So you need to take up this issue with the OpenEMM developers. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi David, Could you tell me why? I read sendmail configuration, this kind of use is normal. Such as default pool dir in sendmail is /var/spool/mqueue for mta (Ubuntu). Thank you :) On 6/13/2014 9:42 PM, David F. Skoll wrote: On Fri, 13 Jun 2014 21:32:18 +0700 Cương Bùi wrote: I've done some tests. I found that OpenEMM just creates email files and puts it into queue. Well, you need to get OpenEMM not to do that. MIMEDefang can only see messages that come in via SMTP. So you need to take up this issue with the OpenEMM developers. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
On Fri, 13 Jun 2014 21:32:18 +0700 Cương Bùi wrote: > I've done some tests. I found that OpenEMM just creates email files > and puts it into queue. Well, you need to get OpenEMM not to do that. MIMEDefang can only see messages that come in via SMTP. So you need to take up this issue with the OpenEMM developers. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Steffen, I've done some tests. I found that OpenEMM just creates email files and puts it into queue. Depending on the configured intervals (1m, 2m,..) in sendmail, these email files will be delivered by sendmail process running in background. I wonder that when delivering these messages, sendmail sends directly to relay server without through milters MIMEDefang or ArchiveSMTP. Do you have any ideas about this case? -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Steffen, Command line in script for sendmail process is as below, === $sm -q1m -NNEVER -OQueueDirectory=$BASE/var/spool/ADMIN -OPidFile=$run/sendmail-openemm-admin.pid === There are no special options that affect behavior of sendmail (from /etc/mail). Do you have any ideas? Thank you :) -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jun 2014, Cương Bùi wrote: Date: Fri, 13 Jun 2014 16:05:25 +0700 From: Cương Bùi To: skmimedef...@smail.inf.fh-bonn-rhein-sieg.de Cc: mimedefang@lists.roaringpenguin.com Subject: Re: [Mimedefang] Relayed emails can't be filter! Hi Steffen, Thank you for your investigation :) 1. - spool files can easily be generated directly (the process is documented) - therefore, OpenEMM can assign spool file names so that OpenEMM has sufficient ID information encoded to use the names for bounce management during mail transmission => OpenEMM spawns 8 concurrent processes of sendmail for handling sending (1 of 8 used for accepting incoming emails). The 7 others handle 4 queues (4 spool dirs) as below (from command ps -ef). === root 17717 1 0 08:36 ?00:00:00 sendmail: MTA: Queue runner@00:01:00 for /home/openemm/var/spool/ADMIN === I guess your "normal" config of sendmail in /etc/mail does not use /home/openemm/var/spool, so OpenEMM does indeed use its configuration and my proposals seems to apply. => I think the issue may come from this. It handles directly... Back to my test previously, use sendmail from command line (sendmail -vt < [file of email content]). I see that there are differences between 2 cases (from OpenEMM vs command line) === Jun 13 08:46:26 srv-01 sm-mta[17949]: s5D8kQAP017949: Milter add: header: X-Scanned-By: MIMEDefang 2.75 on x.x.x.x Jun 13 08:46:28 srv-01 *sm-mta*[17949]: STARTTLS=client, relay=smtp.outside.com, version=TLSv1/SSLv3, verify=OK, cipher=AES256-SHA, bits=256/256 Jun 13 08:46:30 srv-01 *sm-mta*[17949]: s5D8kQAP017949: to=, ctladdr= (0/0), delay=00:00:04, xdelay=00:00:04, mailer=relay, pri=30377, relay=smtp.outside.com [184.73.178.44], dsn=2.0.0, stat=Sent (Ok 0146946821e9-c9c81ea2-9fcf-4076-952f-1c8e3591464d-00) Jun 13 08:46:30 srv-01 *sendmail*[17948]: s5D8kPP1017948: to=use...@example.com, ctladdr=sysuser (0/0), delay=00:00:05, xdelay=00:00:04, mailer=relay, pri=30138, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s5D8kQAP017949 Message accepted for delivery) === 2. - bounce management is based on a well documented plugin interface of Sendmail (milter) and permits combining the realibility of Sendmail with the flexibility of OpenEMM functions. => OpenEMM develops its own filter for handling bounces. It's just like other filter. It does not affect other milters (like AchiveSMTP, MIMEDefang) It depends on how that milter detects bounces. If you re-route the message through your sendmail instance configured by /etc/mail, you could break the process. On 6/13/2014 3:42 PM, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jun 2014, Cương Bùi wrote: *1. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? * These emails originate from OpenEMM, on the same server. There are 8 running processes of sendmail on different queues. => When there are some messages in these queues, it's automatically sent by these processes. (my understanding, not sure 100%) Hmm, http://www.openemm.org/faq/questions/22/Why+do+you+use+Sendmail+and+not+other+MTAs%3F "Sendmail is difficult to replace in OpenEMM by other MTAs because - - spool files can easily be generated directly (the process is documented) - - therefore, OpenEMM can assign spool file names so that OpenEMM has sufficient ID information encoded to use the names for bounce management during mail transmission" I don't know if I understand the 1. statement correctly, but they seem to say that they create the spool files for sendmail directly, bypassing the "injection" via both sendmail executable and socket. If that's correct, no milter can be activated obviously. OpenEMM is open source, so IMHO patch the processing you want to make into its "injection". If you don't want to patch OpenEMM, you need to get to know how the mail flow of OpenEMM is, how many sendmail configurations there are (the 2nd statement above let me assume that OpenEMM runs its own configuration), and put some filter in between. That might brake the bounce detection. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5rFhFGgR0+MU/4GAQIV7Qf+K17r7kB6Jb/QZF+tpAiYaPfGmSWoF76f iY9ogZxipKKl++vk52HLsg11M7fuuAzR44i1KQ03cQMkO4DnCOyY7DivyT5zSjOB kaFq4ciYC6Q0mLoxqda1hVndlGYN4P/kahY4PP37HS6ySe+1omHaALUYxLwSYfED fiVS70GArICcp7qHbVR6fHVjRcDztIkKR6NK0gIYEW0onfRnSIPYU3WMo0wlEAPI ZSv0qMjUVVOyc9PRyR1upxBbUFc8VYzwJgubWC6qaYYTM4azmTufkNhSosdo3kC7 8hAifvbCSVXt9xXJnM0ADMZtifYQInqi9XV9eurYX/kHzhLbReiYZw== =AyL9 -END PGP SIGNATURE-___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may i
Re: [Mimedefang] Relayed emails can't be filter!
Hi Steffen, Thank you for your investigation :) 1. - spool files can easily be generated directly (the process is documented) - therefore, OpenEMM can assign spool file names so that OpenEMM has sufficient ID information encoded to use the names for bounce management during mail transmission => OpenEMM spawns 8 concurrent processes of sendmail for handling sending (1 of 8 used for accepting incoming emails). The 7 others handle 4 queues (4 spool dirs) as below (from command ps -ef). === root 17717 1 0 08:36 ?00:00:00 sendmail: MTA: Queue runner@00:01:00 for /home/openemm/var/spool/ADMIN === => I think the issue may come from this. It handles directly... Back to my test previously, use sendmail from command line (sendmail -vt < [file of email content]). I see that there are differences between 2 cases (from OpenEMM vs command line) === Jun 13 08:46:26 srv-01 sm-mta[17949]: s5D8kQAP017949: Milter add: header: X-Scanned-By: MIMEDefang 2.75 on x.x.x.x Jun 13 08:46:28 srv-01 *sm-mta*[17949]: STARTTLS=client, relay=smtp.outside.com, version=TLSv1/SSLv3, verify=OK, cipher=AES256-SHA, bits=256/256 Jun 13 08:46:30 srv-01 *sm-mta*[17949]: s5D8kQAP017949: to=, ctladdr= (0/0), delay=00:00:04, xdelay=00:00:04, mailer=relay, pri=30377, relay=smtp.outside.com [184.73.178.44], dsn=2.0.0, stat=Sent (Ok 0146946821e9-c9c81ea2-9fcf-4076-952f-1c8e3591464d-00) Jun 13 08:46:30 srv-01 *sendmail*[17948]: s5D8kPP1017948: to=use...@example.com, ctladdr=sysuser (0/0), delay=00:00:05, xdelay=00:00:04, mailer=relay, pri=30138, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s5D8kQAP017949 Message accepted for delivery) === 2. - bounce management is based on a well documented plugin interface of Sendmail (milter) and permits combining the realibility of Sendmail with the flexibility of OpenEMM functions. => OpenEMM develops its own filter for handling bounces. It's just like other filter. It does not affect other milters (like AchiveSMTP, MIMEDefang) (I think so). On 6/13/2014 3:42 PM, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jun 2014, Cương Bùi wrote: *1. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? * These emails originate from OpenEMM, on the same server. There are 8 running processes of sendmail on different queues. => When there are some messages in these queues, it's automatically sent by these processes. (my understanding, not sure 100%) Hmm, http://www.openemm.org/faq/questions/22/Why+do+you+use+Sendmail+and+not+other+MTAs%3F "Sendmail is difficult to replace in OpenEMM by other MTAs because - - spool files can easily be generated directly (the process is documented) - - therefore, OpenEMM can assign spool file names so that OpenEMM has sufficient ID information encoded to use the names for bounce management during mail transmission" I don't know if I understand the 1. statement correctly, but they seem to say that they create the spool files for sendmail directly, bypassing the "injection" via both sendmail executable and socket. If that's correct, no milter can be activated obviously. OpenEMM is open source, so IMHO patch the processing you want to make into its "injection". If you don't want to patch OpenEMM, you need to get to know how the mail flow of OpenEMM is, how many sendmail configurations there are (the 2nd statement above let me assume that OpenEMM runs its own configuration), and put some filter in between. That might brake the bounce detection. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5q5b1GgR0+MU/4GAQJcEAgAsuU40j1kucRmR8+INBbfA5t6EcvE61pE bJ4xwjlXEF6b85kN9RQ/aJh4OphICPPTmrHAFatLLosxNnAU5WA+6GbVf7R19XzX O2EhyXhgO+oUtmWbZgesIOzmdBWDRclYJQ2b7kXMPh8fMLIi29ZdtanSgmBsMfIn r9M+iyEiPr5gzbdB1kpz9TWl2ap/NG44yplMPWC9USkxva03o9lL9JN4PkwnjRvP vqe8xBTLWJXXKaqDOO8VJf4j86g/UyQNLaxFQTyV/W4ITbUpSIiA0vE3V/jufMQt lxihVMSCy5pb94yGV7d+GQ176FCFRK1sPQ4zpDt+cN68P3mSy2S/lQ== =7DZT -END PGP SIGNATURE- ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 13 Jun 2014, Cương Bùi wrote: *1. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? * These emails originate from OpenEMM, on the same server. There are 8 running processes of sendmail on different queues. => When there are some messages in these queues, it's automatically sent by these processes. (my understanding, not sure 100%) Hmm, http://www.openemm.org/faq/questions/22/Why+do+you+use+Sendmail+and+not+other+MTAs%3F "Sendmail is difficult to replace in OpenEMM by other MTAs because - - spool files can easily be generated directly (the process is documented) - - therefore, OpenEMM can assign spool file names so that OpenEMM has sufficient ID information encoded to use the names for bounce management during mail transmission" I don't know if I understand the 1. statement correctly, but they seem to say that they create the spool files for sendmail directly, bypassing the "injection" via both sendmail executable and socket. If that's correct, no milter can be activated obviously. OpenEMM is open source, so IMHO patch the processing you want to make into its "injection". If you don't want to patch OpenEMM, you need to get to know how the mail flow of OpenEMM is, how many sendmail configurations there are (the 2nd statement above let me assume that OpenEMM runs its own configuration), and put some filter in between. That might brake the bounce detection. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5q5b1GgR0+MU/4GAQJcEAgAsuU40j1kucRmR8+INBbfA5t6EcvE61pE bJ4xwjlXEF6b85kN9RQ/aJh4OphICPPTmrHAFatLLosxNnAU5WA+6GbVf7R19XzX O2EhyXhgO+oUtmWbZgesIOzmdBWDRclYJQ2b7kXMPh8fMLIi29ZdtanSgmBsMfIn r9M+iyEiPr5gzbdB1kpz9TWl2ap/NG44yplMPWC9USkxva03o9lL9JN4PkwnjRvP vqe8xBTLWJXXKaqDOO8VJf4j86g/UyQNLaxFQTyV/W4ITbUpSIiA0vE3V/jufMQt lxihVMSCy5pb94yGV7d+GQ176FCFRK1sPQ4zpDt+cN68P3mSy2S/lQ== =7DZT -END PGP SIGNATURE-___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
On Fri, 2014-06-13 at 14:35 +0700, Cương Bùi wrote: > submit.mc has this line (ubuntu distro default). I've commented out it. Don't comment it out. You want that line. -- Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Steffen, I show you some info. *1. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? * These emails originate from OpenEMM, on the same server. There are 8 running processes of sendmail on different queues. => When there are some messages in these queues, it's automatically sent by these processes. (my understanding, not sure 100%) *2. Content of submit.mc**(after comment out msp)* === divert(-1)dnl #- # $Sendmail: submit.mc,v 8.14.4 2013-09-19 22:03:58 cowboy Exp $ # # Copyright (c) 2000-2010 Richard Nelson. All Rights Reserved. # # cf/debian/submit.mc. Generated from submit.mc.in by configure. # # submit.mc prototype config file for building Sendmail 8.14.4 # # Note: the .in file supports 8.7.6 - 9.0.0, but the generated # file is customized to the version noted above. # # This file is used to configure Sendmail for use with Debian systems. # # If you modify this file, you will have to regenerate /etc/mail/submit.cf # by running this file through the m4 preprocessor via one of the following: # * make (or make -C /etc/mail) # * sendmailconfig # * m4 /etc/mail/submit.mc > /etc/mail/submit.cf # The first two options are preferred as they will also update other files # that depend upon the contents of this file. # # The best documentation for this .mc file is: # /usr/share/doc/sendmail-doc/cf.README.gz # #- divert(0)dnl # # Copyright (c) 2000-2002 Richard Nelson. All Rights Reserved. # # This file is used to configure Sendmail for use with Debian systems. # define(`_USE_ETC_MAIL_')dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl VERSIONID(`$Id: submit.mc, v 8.14.4-2ubuntu2.1 2013-09-19 22:03:58 cowboy Exp $') OSTYPE(`debian')dnl DOMAIN(`debian-msp')dnl dnl # dnl #- dnl # Masquerading information, if needed, should go here dnl # You likely will not need this, as the MTA will do it dnl #- dnl MASQUERADE_AS()dnl dnl FEATURE(`masquerade_envelope')dnl dnl # dnl #- dnl # The real reason we're here: the FEATURE(msp) dnl # NOTE WELL: MSA (587) should have M=Ea, so we need to use stock 25 dnl #- dnl # FEATURE(`msp', `[127.0.0.1]', `25')dnl dnl # dnl #- dnl # Some minor cleanup from FEATURE(msp) dnl #- dnl # dnl #- === Thank you :) -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Steffen, As mentioned previously, when having someuser@localhost, sm-mta shows this info in mail log file. And routine filter_*() triggered. === Jun 13 07:26:26 /srv-01/ sm-mta[16174]: s5D7QQiU016174: Milter add: header: X-Scanned-By: MIMEDefang 2.75 on /x.x.x.x/ === But for relayed emails to outside smtps (AWS SES), I dont see this kind of log. Routine filter_*() not triggered. On 6/13/2014 1:13 PM, Steffen Kaiser wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 12 Jun 2014, Cương Bùi wrote: I'm really stuck here. I configure my sendmail server using smarttable (http://jmaimon.com/sendmail/anfi.homeunix.net/sendmail/smarttab.html) and smart_host feature for routing to different smtp servers, users. All local emails (sm-mta process) are caught in mimedefang filter. It means I can process it in filter_* routines. === Jun 12 14:39:17 srv-01 sm-mta[6520]: s5CEdHes006520: from=, size=2461, class=0, nrcpts=1, msgid=<1793922844.1402583957445>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1] === And, all outgoing relayed emails (sendmail process) are not caught. It means I do not "see" it in filter_* routines. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? === Jun 12 14:40:20 srv-01 sendmail[6552]: STARTTLS=client, relay=/smtp.outside.com/, version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jun 12 14:40:21 srv-01 sendmail[6552]: 1983T66ee0001: to=, delay=00:01:04, xdelay=00:00:04, mailer=relay, pri=0, relay=/smtp.outside.com/. [/1.2.3.4/], dsn=2.0.0, stat=Sent (Ok: queued as 296B68067B) === Please show us your submit.mc. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5qWgFGgR0+MU/4GAQLA+QgApM6ifBCy7Dak+j8QThwEmLInA+qvLPCL kpEatsWUiYEfl5F+SyKgblRDptITLYTHGxJDUq7FUvpDy3Jm8qlpb5xivg8NVdWK MSNZoqGDgaKKT/aBKQl8C/bTz5GSJTUj/u7R8RtGAqT61fRjsoHxKp5/MpHL9Wro uI5nf8bDGqqaXIcMRdgAf1xsRiIq5dQjIG3rAlB4efP/h8crJigpp7KjRB7iou80 o/15hwUjFBxNWt+ffBmT4Vx6KgeC5RNEbuoGVrexOlo1DL5UGi68O67ltdcya4Qo jMRxXsE5NpUAJ/L+6GnILgiiA+Aj054fZ3Uprdrjft3wvDriO/A67w== =Xkx3 -END PGP SIGNATURE- ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Richard, submit.mc has this line (ubuntu distro default). I've commented out it. But the issue still exists. I'm trying to understand more about MTA, and MSA. FEATURE(`msp', `[127.0.0.1]', `25')dnl I test MIMEDefang by hooking into routine filter(), and writing some text in test file. There's nothing in this file. This is all content in file submit.mc (after I comment out the line msp) === divert(0)dnl define(`_USE_ETC_MAIL_')dnl include(`/usr/share/sendmail/cf/m4/cf.m4')dnl VERSIONID(`$Id: submit.mc, v 8.14.4-2ubuntu2.1 2013-09-19 22:03:58 cowboy Exp $') OSTYPE(`debian')dnl DOMAIN(`debian-msp')dnl === Is this reasonable defaults? Thank you very much. On 6/13/2014 10:03 AM, Richard Laager wrote: If I understand you correctly, your issue is that outgoing mail is not handled by the milter, even though incoming mail is handled by the milter. Outgoing mail is *normally* first handled by the MSA and then goes to the MTA, where it is *handled exactly the same* as incoming mail. If these logs are correct, then your outgoing mail is being sent directly from the MSA to smtp.outside.com. That is *not normal*. Does your submit.mc.in file have something like this in it: FEATURE(`msp', `[127.0.0.1]', `25')dnl If not, do NOT just blindly add that, but you should make sure that your submit.mc.in is unmodified from your distro (and also that your distro has reasonable defaults, I suppose). [This is mostly just restating what Bill said. I'm hoping it helps.] -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 12 Jun 2014, Cương Bùi wrote: I'm really stuck here. I configure my sendmail server using smarttable (http://jmaimon.com/sendmail/anfi.homeunix.net/sendmail/smarttab.html) and smart_host feature for routing to different smtp servers, users. All local emails (sm-mta process) are caught in mimedefang filter. It means I can process it in filter_* routines. === Jun 12 14:39:17 srv-01 sm-mta[6520]: s5CEdHes006520: from=, size=2461, class=0, nrcpts=1, msgid=<1793922844.1402583957445>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1] === And, all outgoing relayed emails (sendmail process) are not caught. It means I do not "see" it in filter_* routines. What emails you are mean with "outgoing"? Are they submitted via the local system, e.g. by calling the sendmail exectuable, or via SMTP? === Jun 12 14:40:20 srv-01 sendmail[6552]: STARTTLS=client, relay=/smtp.outside.com/, version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jun 12 14:40:21 srv-01 sendmail[6552]: 1983T66ee0001: to=, delay=00:01:04, xdelay=00:00:04, mailer=relay, pri=0, relay=/smtp.outside.com/. [/1.2.3.4/], dsn=2.0.0, stat=Sent (Ok: queued as 296B68067B) === Please show us your submit.mc. - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQEVAwUBU5qWgFGgR0+MU/4GAQLA+QgApM6ifBCy7Dak+j8QThwEmLInA+qvLPCL kpEatsWUiYEfl5F+SyKgblRDptITLYTHGxJDUq7FUvpDy3Jm8qlpb5xivg8NVdWK MSNZoqGDgaKKT/aBKQl8C/bTz5GSJTUj/u7R8RtGAqT61fRjsoHxKp5/MpHL9Wro uI5nf8bDGqqaXIcMRdgAf1xsRiIq5dQjIG3rAlB4efP/h8crJigpp7KjRB7iou80 o/15hwUjFBxNWt+ffBmT4Vx6KgeC5RNEbuoGVrexOlo1DL5UGi68O67ltdcya4Qo jMRxXsE5NpUAJ/L+6GnILgiiA+Aj054fZ3Uprdrjft3wvDriO/A67w== =Xkx3 -END PGP SIGNATURE-___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
If I understand you correctly, your issue is that outgoing mail is not handled by the milter, even though incoming mail is handled by the milter. Outgoing mail is *normally* first handled by the MSA and then goes to the MTA, where it is *handled exactly the same* as incoming mail. If these logs are correct, then your outgoing mail is being sent directly from the MSA to smtp.outside.com. That is *not normal*. Does your submit.mc.in file have something like this in it: FEATURE(`msp', `[127.0.0.1]', `25')dnl If not, do NOT just blindly add that, but you should make sure that your submit.mc.in is unmodified from your distro (and also that your distro has reasonable defaults, I suppose). [This is mostly just restating what Bill said. I'm hoping it helps.] -- Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
Hi Bill, Thank you for your clear explanation. I really dont know what you mean here. This is actual log file from my real system, I just remove some sensitive information such as user, server name. It's sure that I dont understand 100% of Sendmail or email flow. It's from OpenEMM. I've also tested with ArchiveSMTP. The same issue exists. And last night, I found that the issue may be from 8 concurrent processes of sendmail. If I test sendmail from command line sendmail -vt < [file of email content], it is recognized for ArchiveSMTP. Note that I tested ArchiveSMTP and MIMEDefang separately. === /I believe your pointless excessive munging has made these fake log lines misleading and useless, as well as incomplete. I'm ignoring them entirely because they appear to be full of lies :) It also seems like either your Sendmail is nothing like normal OR you have no idea how mail is flowing through it. / === I dont touch submit.cf. On 6/13/2014 5:44 AM, Bill Cole wrote: On 12 Jun 2014, at 12:26, Cương Bùi wrote: Hi everyone, I'm really stuck here. I configure my sendmail server using smarttable (http://jmaimon.com/sendmail/anfi.homeunix.net/sendmail/smarttab.html) and smart_host feature for routing to different smtp servers, users. All local emails (sm-mta process) are caught in mimedefang filter. It means I can process it in filter_* routines. === Jun 12 14:39:17 srv-01 sm-mta[6520]: s5CEdHes006520: from=, size=2461, class=0, nrcpts=1, msgid=<1793922844.1402583957445>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1] === And, all outgoing relayed emails (sendmail process) are not caught. It means I do not "see" it in filter_* routines. === Jun 12 14:40:20 srv-01 sendmail[6552]: STARTTLS=client, relay=/smtp.outside.com/, version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jun 12 14:40:21 srv-01 sendmail[6552]: 1983T66ee0001: to=, delay=00:01:04, xdelay=00:00:04, mailer=relay, pri=0, relay=/smtp.outside.com/. [/1.2.3.4/], dsn=2.0.0, stat=Sent (Ok: queued as 296B68067B) === I believe your pointless excessive munging has made these fake log lines misleading and useless, as well as incomplete. I'm ignoring them entirely because they appear to be full of lies :) It also seems like either your Sendmail is nothing like normal OR you have no idea how mail is flowing through it. A *normal* sendmail configuration has 2 independently configured subsystems: the MSA that handles local submissions and the MTA that handles incoming mail from the world *AND* is used as a relay for all outbound mail by the MSA. Sendmail processes started as part of the MSA log as "sendmail" which those spawned by the main MTA daemon log as "sm-mta". A locally submitted message will generate at least 4 log lines (2 by each subsystem) and possibly an additional line from the MTA noting the TLS initiation. Because the MSA passes all mail to the MTA, the submit.cf file that it uses (instead of sendmail.cf) is very simple and the .mc to build it almost never needs changing from distribution defaults. It should certainly not get routing hacks like smarttable added. Please help me out. I dont know how to solve this. Make sure you have a pristine submit.mc which is unchanged from the Sendmail distribution package, and rebuild submit.cf from it. Make sure your sendmail.mc has both the Milter related configurations you need for mimedefang and the 'feature' line for smarttable. Rebuild sendmail.cf from that file. Restart sendmail. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Relayed emails can't be filter!
On 12 Jun 2014, at 12:26, Cương Bùi wrote: Hi everyone, I'm really stuck here. I configure my sendmail server using smarttable (http://jmaimon.com/sendmail/anfi.homeunix.net/sendmail/smarttab.html) and smart_host feature for routing to different smtp servers, users. All local emails (sm-mta process) are caught in mimedefang filter. It means I can process it in filter_* routines. === Jun 12 14:39:17 srv-01 sm-mta[6520]: s5CEdHes006520: from=, size=2461, class=0, nrcpts=1, msgid=<1793922844.1402583957445>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1] === And, all outgoing relayed emails (sendmail process) are not caught. It means I do not "see" it in filter_* routines. === Jun 12 14:40:20 srv-01 sendmail[6552]: STARTTLS=client, relay=/smtp.outside.com/, version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jun 12 14:40:21 srv-01 sendmail[6552]: 1983T66ee0001: to=, delay=00:01:04, xdelay=00:00:04, mailer=relay, pri=0, relay=/smtp.outside.com/. [/1.2.3.4/], dsn=2.0.0, stat=Sent (Ok: queued as 296B68067B) === I believe your pointless excessive munging has made these fake log lines misleading and useless, as well as incomplete. I'm ignoring them entirely because they appear to be full of lies :) It also seems like either your Sendmail is nothing like normal OR you have no idea how mail is flowing through it. A *normal* sendmail configuration has 2 independently configured subsystems: the MSA that handles local submissions and the MTA that handles incoming mail from the world *AND* is used as a relay for all outbound mail by the MSA. Sendmail processes started as part of the MSA log as "sendmail" which those spawned by the main MTA daemon log as "sm-mta". A locally submitted message will generate at least 4 log lines (2 by each subsystem) and possibly an additional line from the MTA noting the TLS initiation. Because the MSA passes all mail to the MTA, the submit.cf file that it uses (instead of sendmail.cf) is very simple and the .mc to build it almost never needs changing from distribution defaults. It should certainly not get routing hacks like smarttable added. Please help me out. I dont know how to solve this. Make sure you have a pristine submit.mc which is unchanged from the Sendmail distribution package, and rebuild submit.cf from it. Make sure your sendmail.mc has both the Milter related configurations you need for mimedefang and the 'feature' line for smarttable. Rebuild sendmail.cf from that file. Restart sendmail. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] Relayed emails can't be filter!
Hi everyone, I'm really stuck here. I configure my sendmail server using smarttable (http://jmaimon.com/sendmail/anfi.homeunix.net/sendmail/smarttab.html) and smart_host feature for routing to different smtp servers, users. All local emails (sm-mta process) are caught in mimedefang filter. It means I can process it in filter_* routines. === Jun 12 14:39:17 srv-01 sm-mta[6520]: s5CEdHes006520: from=, size=2461, class=0, nrcpts=1, msgid=<1793922844.1402583957445>, proto=ESMTP, daemon=MTA-v4, relay=localhost [127.0.0.1] === And, all outgoing relayed emails (sendmail process) are not caught. It means I do not "see" it in filter_* routines. === Jun 12 14:40:20 srv-01 sendmail[6552]: STARTTLS=client, relay=/smtp.outside.com/, version=TLSv1/SSLv3, verify=OK, cipher=DHE-RSA-AES256-SHA, bits=256/256 Jun 12 14:40:21 srv-01 sendmail[6552]: 1983T66ee0001: to=, delay=00:01:04, xdelay=00:00:04, mailer=relay, pri=0, relay=/smtp.outside.com/. [/1.2.3.4/], dsn=2.0.0, stat=Sent (Ok: queued as 296B68067B) === Please help me out. I dont know how to solve this. Thank you very much :) -- ** Regards, Cuong Hoang Bui c...@cteklab.net bhcuong2...@gmail.com ** ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang