Re: Filters and rctp-to rewrite.
On 9/9/19 7:16 PM, Reio Remma wrote: > On 09.09.2019 20:03, Giovanni Bechis wrote: >>> I'm currently using amavisd-new with the quarantine feature, but I'm >>> itching to switch to Rspamd (greylisting here I come!). >>> >> amavisd-new 2.12 has rspamd support, have you tried it ? > > Curious! I see the project has again switched hands, if you mean this one? > > https://gitlab.com/amavis/amavis > exactly, this is the new official amavis home. > I'll have a look at it. Then again with Rspamd and filter-rspamd we could cut > down a lot of complexity. >
Re: Filters and rctp-to rewrite.
On Mon, Sep 09, 2019 at 07:48:16PM +0300, Reio Remma wrote: > On 09.09.2019 18:13, Martijn van Duren wrote: > On 9/9/19 3:37 PM, Reio Remma wrote: >> Hello! >> >> Slowly digging into filters. >> >> Now I'm curious if it's possible to modify the recipient after say spam >> check in data-line? I get the impression that rewriting rcpt-to at that >> stage is impossible, but my goal would be to redirect/quarantine high >> scoring spam to a special e-mail address. >> >> Would it be doable somehow? >> >> Thanks! >> Reio >> > It is not. > > What you might be able to do is add an additional header and somehow let > an lmtp server make the decision based on the header. > > I haven't used lmtp myself, no clue if this actually works, but it's > worth investigating :-) > > Please reply to the threat if you managed to make it work. > > Thanks Martijn and Gilles for the confirmation! > > I'm currently using amavisd-new with the quarantine feature, but I'm itching > to switch to Rspamd (greylisting here I come!). Rspamd can let you interface Amavis. I did for someone I'm managing mail for so that you don't have to plug a ton of different tools directly to OpenSMTPD but let Rspamd broker these different filters and produce a result. > I'm using the quarantine to keep an eye on mails with a medium spam score so > we won't lose the occasional legit mail with a higher than normal spam > score. Additionally I can train these borderline mails correctly as > ham/spam. I will soon extend the filter-rspamd to include symbols it matched. With this, you'll be able to do delivery-time classification and move to a quarantine folder if you find the proper symbol. > I now see Rspamd has a metadata exporter feature I could probably use to > copy spammy mails to the quarantine mail address. Dunno about that > There are also Dovecot's sieve scripts. I'll have to see which work better. I'm not a big fan of Sieve, it is far more complex than it should be. I use it for Inbox -> SPAM, Spam -> Inbox training but quite franly if a classification can happen at delivery time through MDA, I'd rather let a fdm ruleset classify. -- Gilles Chehade @poolpOrg https://www.poolp.org patreon: https://www.patreon.com/gilles
Re: Filters and rctp-to rewrite.
On 09.09.2019 20:03, Giovanni Bechis wrote: I'm currently using amavisd-new with the quarantine feature, but I'm itching to switch to Rspamd (greylisting here I come!). amavisd-new 2.12 has rspamd support, have you tried it ? Curious! I see the project has again switched hands, if you mean this one? https://gitlab.com/amavis/amavis I'll have a look at it. Then again with Rspamd and filter-rspamd we could cut down a lot of complexity. Reio
Re: Filters and rctp-to rewrite.
On 9/9/19 6:48 PM, Reio Remma wrote: > On 09.09.2019 18:13, Martijn van Duren wrote: >> On 9/9/19 3:37 PM, Reio Remma wrote: >>> Hello! >>> >>> Slowly digging into filters. >>> >>> Now I'm curious if it's possible to modify the recipient after say spam >>> check in data-line? I get the impression that rewriting rcpt-to at that >>> stage is impossible, but my goal would be to redirect/quarantine high >>> scoring spam to a special e-mail address. >>> >>> Would it be doable somehow? >>> >>> Thanks! >>> Reio >>> >> It is not. >> >> What you might be able to do is add an additional header and somehow let >> an lmtp server make the decision based on the header. >> >> I haven't used lmtp myself, no clue if this actually works, but it's >> worth investigating :-) >> >> Please reply to the threat if you managed to make it work. > > Thanks Martijn and Gilles for the confirmation! > > I'm currently using amavisd-new with the quarantine feature, but I'm itching > to switch to Rspamd (greylisting here I come!). > amavisd-new 2.12 has rspamd support, have you tried it ? > I'm using the quarantine to keep an eye on mails with a medium spam score so > we won't lose the occasional legit mail with a higher than normal spam score. > Additionally I can train these borderline mails correctly as ham/spam. > > I now see Rspamd has a metadata exporter feature I could probably use to copy > spammy mails to the quarantine mail address. > > There are also Dovecot's sieve scripts. I'll have to see which work better. > > Thanks, > Reio >
Re: Filters and rctp-to rewrite.
On 09.09.2019 18:13, Martijn van Duren wrote: On 9/9/19 3:37 PM, Reio Remma wrote: Hello! Slowly digging into filters. Now I'm curious if it's possible to modify the recipient after say spam check in data-line? I get the impression that rewriting rcpt-to at that stage is impossible, but my goal would be to redirect/quarantine high scoring spam to a special e-mail address. Would it be doable somehow? Thanks! Reio It is not. What you might be able to do is add an additional header and somehow let an lmtp server make the decision based on the header. I haven't used lmtp myself, no clue if this actually works, but it's worth investigating :-) Please reply to the threat if you managed to make it work. Thanks Martijn and Gilles for the confirmation! I'm currently using amavisd-new with the quarantine feature, but I'm itching to switch to Rspamd (greylisting here I come!). I'm using the quarantine to keep an eye on mails with a medium spam score so we won't lose the occasional legit mail with a higher than normal spam score. Additionally I can train these borderline mails correctly as ham/spam. I now see Rspamd has a metadata exporter feature I could probably use to copy spammy mails to the quarantine mail address. There are also Dovecot's sieve scripts. I'll have to see which work better. Thanks, Reio
Re: Filters and rctp-to rewrite.
September 9, 2019 3:37 PM, "Reio Remma" wrote: > Hello! > Hello, > Slowly digging into filters. > > Now I'm curious if it's possible to modify the recipient after say spam check > in data-line? I get > the impression that rewriting rcpt-to at that stage is impossible, but my > goal would be to > redirect/quarantine high scoring spam to a special e-mail address. > By the time you start receiving DATA, the RCPT TO decision has already been taken in the SMTP transaction, so that would basically be a jump back in time. > Would it be doable somehow? > If you want to rewrite the RCPT TO, then not doable without your filter issuing a SMTP transaction itself by connecting and playing a session. If you want to junk (add X-Spam header), then you can simply have you filter do a buffering of DATA and prepend header on commit (what filter-rspamd does).
Re: Filters guidance request
Yes to clarify further, I bought myself another release cycle ;-) The filter code in 6.5 is voluntarily undocumented as both grammar and protocol didn't have enough time to "rest" for us to spot things which would appear better after a few months of being in use. Now that the stable release is out I will start documenting and making some of the changes I wanted so that it's "stable" in 6.6. If you're a developer, you can use filters in 6.5, you just need to be advanced enough to read code. On Sat, Apr 27, 2019 at 01:03:57AM +0200, Martijn van Duren wrote: > See https://poolp.org/, there are some things available, but as far as > I'm aware everything is still experimental. > > martijn@ > > On 4/26/19 9:45 PM, Aham Brahmasmi wrote: > > Namaste misc, > > > > I was wondering whether the absence of filters on the 6.5 [1] and > > current smtpd.conf(5) [2] manpages along with the modest OpenSMTPD 6.5.0 > > release notes [3] should be read into. > > > > In other words, are filters ready for general use? > > > > Dhanyavaad. > > > > Regards, > > ab > > [1] - https://man.openbsd.org/OpenBSD-6.5/smtpd.conf > > [2] - https://man.openbsd.org/smtpd.conf > > [3] - https://www.openbsd.org/65.html > > -|-|-|-|-|-|-|-- > > > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- Gilles Chehade @poolpOrg https://www.poolp.org tip me: https://paypal.me/poolpOrg -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: [Filters] share data between callbacks
On Wed, Mar 23, 2016 at 09:49:24AM +0100, Gilles Chehade wrote: > On Wed, Mar 23, 2016 at 12:21:03AM +0100, Joerg Jung wrote: > > On Tue, Mar 22, 2016 at 10:57:00PM +0100, frit...@alokat.org wrote: > > > Hi, > > > > > > is it possible to share data between callback functions in a python-based > > > filter? > > > I'm looking for something like this one (from the clamav filter): > > > - filter_api_set_udata > > > - filter_api_get_udata > > > > I think you could just create your own python dict which associates user > > data with the given message ID. > > > > yes, that's what I do myself, i use the on_connect/on_disconnect to > store a per-session dictionnary where i can store stuff I want to > retain between callbacks > Thanks, I'll give it a try. Btw: why do I not see the filter log calls (e.g. from filter-trace), if I use $ echo "foo" | mail -s "bar" but I can see how the mail is processed. If I use: $ telnet localhost 25 and do all the staff manually, I see the filter's output. --f. > -- > Gilles Chehade > > https://www.poolp.org @poolpOrg > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: [Filters] share data between callbacks
On Tue, Mar 22, 2016 at 10:57:00PM +0100, frit...@alokat.org wrote: > Hi, > > is it possible to share data between callback functions in a python-based > filter? > I'm looking for something like this one (from the clamav filter): > - filter_api_set_udata > - filter_api_get_udata I think you could just create your own python dict which associates user data with the given message ID. > If it's not, how can I compile a C-based filter? > gcc(1) says: smtpd-api.h no such file or directory. According to filter_api(3) > it has to be included. > > --f. > > -- > You received this mail because you are subscribed to misc@opensmtpd.org > To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org > -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Filters
On Sat, 2 Jan 2016, Sunil Nimmagadda wrote: Filters require you to be -current. On OpenBSD the simplest way to test... Thanks. That's extremely very useful. That was never mentioned anywhere. I'll wait until 5.9 comes out. We never run '-current' to protect sites. Regards - Damian Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW 2037 Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted here Views & opinions here are mine and not those of any past or present employer -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Filters
On Sat, Jan 02, 2016 at 04:44:09PM +1100, Damian McGuckin wrote: > > I would like to read something before 'playing' is done. Old, but still mostly valid: https://poolp.org/0xa871/The-state-of-filters Also, all you need can be found in man pages and the most recent opensmtpd-extras comes with man pages. -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
Re: Filters
Il 1 gennaio 2016 08:09:17 CET, Damian McGuckinha scritto: > >Hi everybody, > >New to this list although I have been using OpenBSD thought since 2.1. >Contributed hardware (long ago) to the OpenBSD project. > >I am trying to figure out how to use DNS BLs with OpenSMTPD. Until I >can >do that, I do not want to deploy it. > >I can see the API code in the source try but not the instructions on >how >to use it. > >I found the document 'opensmtpd-LinuxCon2015.conf' by Giovanni Bechis >and >it seems to imply that filters are operational. In fact, it says > > "there are filters available for dnsbl, regex matching, > Spam Assassin, and Clamav integration and much more" > >However, except for some limited images in the presentation, I cannot >find >any documentation. Even if I grep 'dnsbl' in the current release, >nothing >is there. > >Any pointers as to where I can find this information? > >Thanks - Damian > >Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW >2037 >Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted >here >Views & opinions here are mine and not those of any past or present >employer You should at least pkg_add opensmtpd-extras to start playing with filters. In base there is only the opensmtpd core implementation. Cheers Giovanni -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org