[sniffer] Re: Question, changing from SNF4SA to Milter, using freebsd

2015-09-08 Thread P Pruett


Interesting, yes, the spamassassin SNF4SA does seem to be able to use
snf-milter instead of snf-server.

On freebsd 9.3 with Sendmail, I did add the milter and restarted sendmail
and its seems to be playing okay.

Now I turned it on, I am not sure what the snf milter is doing.

Can you point me to some more documentation with details about what the
milter is doing?
From what I saw in the setup file it can Allow, Accept, Retry, Reject

I was think it might insert information in the header

Would be nice if the milter could be somehow be used to promote IP
addresses into a pf table
for the pf firewall  to redirect with?

I would not be good at writing custom milters, but I'd be willing to
test some
things if someone would like to try.



--- relevant information in /usr/local/etc/snf-milter/SNFMilter.xml
--
  













   




#
This message is sent to you because you are subscribed to
 the mailing list .
This list is for discussing Message Sniffer,
Anti-spam, Anti-Malware, and related email topics.
For More information see http://www.armresearch.com
To unsubscribe, E-mail to: 
To switch to the DIGEST mode, E-mail to 
To switch to the INDEX mode, E-mail to 
Send administrative queries to  



[sniffer] Re: Question, changing from SNF4SA to Milter, using freebsd

2015-09-08 Thread Pete McNeil
On 2015-09-08 04:04, P Pruett wrote:
>
> Interesting, yes, the spamassassin SNF4SA does seem to be able to use
> snf-milter instead of snf-server.

That's probably not a good way to go. This will cause each message to be
scanned twice. Once by the milter and again by the engine via SNF4SA.

If you want to use SNF4SA then you should turn off the milter and use
SNFServer instead.


> On freebsd 9.3 with Sendmail, I did add the milter and restarted sendmail
> and its seems to be playing okay.
>
> Now I turned it on, I am not sure what the snf milter is doing.

That will depend on how you have it configured. The milter interface
only provides a few options. Your SNF log should tell you what was found
in the scan and the snfmilter configuration will tell you what SNF told
the milter to do.

> Can you point me to some more documentation with details about what the
> milter is doing?
> From what I saw in the setup file it can Allow, Accept, Retry, Reject

That is defined by the milter interface.

Milter.org was shut down permanently just recently.
That page says this is where to find documentation on milters:
http://www.sendmail.com/sm/open_source/download/

>
> I was think it might insert information in the header

SNFMilter should inject the usual SNF headers if they are configured
(they are by default).

>
> Would be nice if the milter could be somehow be used to promote IP
> addresses into a pf table
> for the pf firewall  to redirect with?

That's an entirely different software project. If you want that kind of
functionality then you'd do better to use SNFServer/SNFClient in a
postfix filter. The filter script could then be modified to look at the
results and respond in any way you can code.

Best,
_M



-- 
Pete McNeil
Chief Scientist
ARM Research Labs, LLC
www.armresearch.com
866-770-1044 x7010
twitter/codedweller 


#
This message is sent to you because you are subscribed to
  the mailing list .
This list is for discussing Message Sniffer,
Anti-spam, Anti-Malware, and related email topics.
For More information see http://www.armresearch.com
To unsubscribe, E-mail to: 
To switch to the DIGEST mode, E-mail to 
To switch to the INDEX mode, E-mail to 
Send administrative queries to