Re: Filters and rctp-to rewrite.

2019-09-10 Thread Giovanni Bechis 
On 9/9/19 7:16 PM, Reio Remma wrote:
> On 09.09.2019 20:03, Giovanni Bechis wrote:
>>> I'm currently using amavisd-new with the quarantine feature, but I'm 
>>> itching to switch to Rspamd (greylisting here I come!).
>>>
>> amavisd-new 2.12 has rspamd support, have you tried it ?
> 
> Curious! I see the project has again switched hands, if you mean this one?
> 
> https://gitlab.com/amavis/amavis
> 
exactly, this is the new official amavis home.

> I'll have a look at it. Then again with Rspamd and filter-rspamd we could cut 
> down a lot of complexity.
>

Re: Filters and rctp-to rewrite.

2019-09-09 Thread gilles 
On Mon, Sep 09, 2019 at 07:48:16PM +0300, Reio Remma wrote:

> On 09.09.2019 18:13, Martijn van Duren wrote:
> On 9/9/19 3:37 PM, Reio Remma wrote:
>> Hello!
>> 
>> Slowly digging into filters.
>> 
>> Now I'm curious if it's possible to modify the recipient after say spam
>> check in data-line? I get the impression that rewriting rcpt-to at that
>> stage is impossible, but my goal would be to redirect/quarantine high
>> scoring spam to a special e-mail address.
>> 
>> Would it be doable somehow?
>> 
>> Thanks!
>> Reio
>> 
> It is not.
> 
> What you might be able to do is add an additional header and somehow let
> an lmtp server make the decision based on the header.
> 
> I haven't used lmtp myself, no clue if this actually works, but it's
> worth investigating :-)
> 
> Please reply to the threat if you managed to make it work.
> 
> Thanks Martijn and Gilles for the confirmation!
> 
> I'm currently using amavisd-new with the quarantine feature, but I'm itching
> to switch to Rspamd (greylisting here I come!).

Rspamd can let you interface Amavis.

I did for someone I'm managing mail for so that you don't have to plug a
ton of different tools directly to OpenSMTPD but let Rspamd broker these
different filters and produce a result.

> I'm using the quarantine to keep an eye on mails with a medium spam score so
> we won't lose the occasional legit mail with a higher than normal spam
> score. Additionally I can train these borderline mails correctly as
> ham/spam.

I will soon extend the filter-rspamd to include symbols it matched.

With this, you'll be able to do delivery-time classification and move to
a quarantine folder if you find the proper symbol.

> I now see Rspamd has a metadata exporter feature I could probably use to
> copy spammy mails to the quarantine mail address.

Dunno about that

> There are also Dovecot's sieve scripts. I'll have to see which work better.

I'm not a big fan of Sieve, it is far more complex than it should be.

I use it for Inbox -> SPAM, Spam -> Inbox training but quite franly if a
classification can happen at delivery time through MDA, I'd rather let a
fdm ruleset classify.

--
Gilles Chehade @poolpOrg

https://www.poolp.org patreon: https://www.patreon.com/gilles

Re: Filters and rctp-to rewrite.

2019-09-09 Thread Reio Remma 

On 09.09.2019 20:03, Giovanni Bechis wrote:

I'm currently using amavisd-new with the quarantine feature, but I'm itching to 
switch to Rspamd (greylisting here I come!).


amavisd-new 2.12 has rspamd support, have you tried it ?


Curious! I see the project has again switched hands, if you mean this one?

https://gitlab.com/amavis/amavis

I'll have a look at it. Then again with Rspamd and filter-rspamd we 
could cut down a lot of complexity.


Reio

Re: Filters and rctp-to rewrite.

2019-09-09 Thread Giovanni Bechis 
On 9/9/19 6:48 PM, Reio Remma wrote:
> On 09.09.2019 18:13, Martijn van Duren wrote:
>> On 9/9/19 3:37 PM, Reio Remma wrote:
>>> Hello!
>>>
>>> Slowly digging into filters.
>>>
>>> Now I'm curious if it's possible to modify the recipient after say spam
>>> check in data-line? I get the impression that rewriting rcpt-to at that
>>> stage is impossible, but my goal would be to redirect/quarantine high
>>> scoring spam to a special e-mail address.
>>>
>>> Would it be doable somehow?
>>>
>>> Thanks!
>>> Reio
>>>
>> It is not.
>>
>> What you might be able to do is add an additional header and somehow let
>> an lmtp server make the decision based on the header.
>>
>> I haven't used lmtp myself, no clue if this actually works, but it's
>> worth investigating :-)
>>
>> Please reply to the threat if you managed to make it work.
> 
> Thanks Martijn and Gilles for the confirmation!
> 
> I'm currently using amavisd-new with the quarantine feature, but I'm itching 
> to switch to Rspamd (greylisting here I come!).
> 
amavisd-new 2.12 has rspamd support, have you tried it ?

> I'm using the quarantine to keep an eye on mails with a medium spam score so 
> we won't lose the occasional legit mail with a higher than normal spam score. 
> Additionally I can train these borderline mails correctly as ham/spam.
> 
> I now see Rspamd has a metadata exporter feature I could probably use to copy 
> spammy mails to the quarantine mail address.
> 
> There are also Dovecot's sieve scripts. I'll have to see which work better.
> 
> Thanks,
> Reio
>

Re: Filters and rctp-to rewrite.

2019-09-09 Thread Reio Remma 

On 09.09.2019 18:13, Martijn van Duren wrote:

On 9/9/19 3:37 PM, Reio Remma wrote:

Hello!

Slowly digging into filters.

Now I'm curious if it's possible to modify the recipient after say spam
check in data-line? I get the impression that rewriting rcpt-to at that
stage is impossible, but my goal would be to redirect/quarantine high
scoring spam to a special e-mail address.

Would it be doable somehow?

Thanks!
Reio


It is not.

What you might be able to do is add an additional header and somehow let
an lmtp server make the decision based on the header.

I haven't used lmtp myself, no clue if this actually works, but it's
worth investigating :-)

Please reply to the threat if you managed to make it work.


Thanks Martijn and Gilles for the confirmation!

I'm currently using amavisd-new with the quarantine feature, but I'm 
itching to switch to Rspamd (greylisting here I come!).


I'm using the quarantine to keep an eye on mails with a medium spam 
score so we won't lose the occasional legit mail with a higher than 
normal spam score. Additionally I can train these borderline mails 
correctly as ham/spam.


I now see Rspamd has a metadata exporter feature I could probably use to 
copy spammy mails to the quarantine mail address.


There are also Dovecot's sieve scripts. I'll have to see which work better.

Thanks,
Reio

Re: Filters and rctp-to rewrite.

2019-09-09 Thread gilles 
September 9, 2019 3:37 PM, "Reio Remma"  wrote:

> Hello!
> 

Hello,


> Slowly digging into filters.
> 
> Now I'm curious if it's possible to modify the recipient after say spam check 
> in data-line? I get
> the impression that rewriting rcpt-to at that stage is impossible, but my 
> goal would be to
> redirect/quarantine high scoring spam to a special e-mail address.
> 

By the time you start receiving DATA, the RCPT TO decision has already been 
taken
in the SMTP transaction, so that would basically be a jump back in time.


> Would it be doable somehow?
> 

If you want to rewrite the RCPT TO, then not doable without your filter issuing 
a
SMTP transaction itself by connecting and playing a session.

If you want to junk (add X-Spam header), then you can simply have you filter do 
a
buffering of DATA and prepend header on commit (what filter-rspamd does).

Re: Filters guidance request

2019-04-30 Thread Gilles Chehade 
Yes to clarify further, I bought myself another release cycle ;-)

The filter code in 6.5 is voluntarily undocumented as both grammar and
protocol didn't have enough time to "rest" for us to spot things which
would appear better after a few months of being in use.

Now that the stable release is out I will start documenting and making
some of the changes I wanted so that it's "stable" in 6.6.

If you're a developer, you can use filters in 6.5, you just need to be
advanced enough to read code.


On Sat, Apr 27, 2019 at 01:03:57AM +0200, Martijn van Duren wrote:
> See https://poolp.org/, there are some things available, but as far as  
> I'm aware everything is still experimental.
> 
> martijn@
> 
> On 4/26/19 9:45 PM, Aham Brahmasmi wrote:
> > Namaste misc,
> > 
> > I was wondering whether the absence of filters on the 6.5 [1] and
> > current smtpd.conf(5) [2] manpages along with the modest OpenSMTPD 6.5.0
> > release notes [3] should be read into.
> > 
> > In other words, are filters ready for general use?
> > 
> > Dhanyavaad.
> > 
> > Regards,
> > ab
> > [1] - https://man.openbsd.org/OpenBSD-6.5/smtpd.conf
> > [2] - https://man.openbsd.org/smtpd.conf
> > [3] - https://www.openbsd.org/65.html
> > -|-|-|-|-|-|-|--
> > 
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

-- 
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [Filters] share data between callbacks

2016-03-23 Thread fritjof 
On Wed, Mar 23, 2016 at 09:49:24AM +0100, Gilles Chehade wrote:
> On Wed, Mar 23, 2016 at 12:21:03AM +0100, Joerg Jung wrote:
> > On Tue, Mar 22, 2016 at 10:57:00PM +0100, frit...@alokat.org wrote:
> > > Hi,
> > > 
> > > is it possible to share data between callback functions in a python-based 
> > > filter?
> > > I'm looking for something like this one (from the clamav filter):
> > > - filter_api_set_udata
> > > - filter_api_get_udata
> > 
> > I think you could just create your own python dict which associates user
> > data with the given message ID. 
> >  
> 
> yes, that's what I do myself, i use the on_connect/on_disconnect to
> store a per-session dictionnary where i can store stuff I want to
> retain between callbacks
>

Thanks, I'll give it a try.

Btw: why do I not see the filter log calls (e.g. from filter-trace), if I use
$ echo "foo" | mail -s "bar" 
but I can see how the mail is processed.

If I use:
$ telnet localhost 25
and do all the staff manually, I see the filter's output.

--f.

> -- 
> Gilles Chehade
> 
> https://www.poolp.org  @poolpOrg
> 

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: [Filters] share data between callbacks

2016-03-22 Thread Joerg Jung 
On Tue, Mar 22, 2016 at 10:57:00PM +0100, frit...@alokat.org wrote:
> Hi,
> 
> is it possible to share data between callback functions in a python-based 
> filter?
> I'm looking for something like this one (from the clamav filter):
> - filter_api_set_udata
> - filter_api_get_udata

I think you could just create your own python dict which associates user
data with the given message ID. 
 
> If it's not, how can I compile a C-based filter?
> gcc(1) says: smtpd-api.h no such file or directory. According to filter_api(3)
> it has to be included.
> 
> --f.
> 
> -- 
> You received this mail because you are subscribed to misc@opensmtpd.org
> To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org
> 

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Filters

2016-01-02 Thread Damian McGuckin 

On Sat, 2 Jan 2016, Sunil Nimmagadda wrote:


Filters require you to be -current. On OpenBSD the simplest way to test...


Thanks. That's extremely very useful. That was never mentioned anywhere.

I'll wait until 5.9 comes out.

We never run '-current' to protect sites.

Regards - Damian

Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW 2037
Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted here
Views & opinions here are mine and not those of any past or present employer

--
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Filters

2016-01-02 Thread Joerg Jung 
On Sat, Jan 02, 2016 at 04:44:09PM +1100, Damian McGuckin wrote:
> 
> I would like to read something before 'playing' is done.

Old, but still mostly valid: 
https://poolp.org/0xa871/The-state-of-filters

Also, all you need can be found in man pages and
the most recent opensmtpd-extras comes with man pages.

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org

Re: Filters

2016-01-01 Thread Giovanni Bechis 
Il 1 gennaio 2016 08:09:17 CET, Damian McGuckin  ha scritto:
>
>Hi everybody,
>
>New to this list although I have been using OpenBSD thought since 2.1.
>Contributed hardware (long ago) to the OpenBSD project.
>
>I am trying to figure out how to use DNS BLs with OpenSMTPD. Until I
>can 
>do that, I do not want to deploy it.
>
>I can see the API code in the source try but not the instructions on
>how 
>to use it.
>
>I found the document 'opensmtpd-LinuxCon2015.conf' by Giovanni Bechis
>and 
>it seems to imply that filters are operational. In fact, it says
>
>   "there are filters available for dnsbl, regex matching,
>   Spam Assassin, and Clamav integration and much more"
>
>However, except for some limited images in the presentation, I cannot
>find 
>any documentation. Even if I grep 'dnsbl' in the current release,
>nothing 
>is there.
>
>Any pointers as to where I can find this information?
>
>Thanks - Damian
>
>Pacific Engineering Systems International, 277-279 Broadway, Glebe NSW
>2037
>Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not wanted
>here
>Views & opinions here are mine and not those of any past or present
>employer

You should at least pkg_add opensmtpd-extras to start playing with filters.
In base there is only the opensmtpd core implementation.
  Cheers
   Giovanni

-- 
You received this mail because you are subscribed to misc@opensmtpd.org
To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org