On 2006-11-03, Jason R. Mastaler <[EMAIL PROTECTED]> wrote:
> Moving code from tmda-rfilter into a module is on the todo list[1]
> anyway, so I'd say definitely, yes.

Well, this is a lot harder than I thought it would be.  I can't seem
to get even the simplest function that's in tmda-rfilter moved into
a module (which BTW I called Filter.py).  I think I might be doing
something wrong.  Haven't given up, yet.

On another note, I did manage to get my postfix filter working.
It's *extremely* simplistic right now.  It's a shell script.
My next goal is to translate it to python.

It does much less than I'd hoped that it would do.  It only handles
anything listed in a filter as "bounce".  I'd really like to figure
out a way to get it to work with "confirm".  On the plus side,
it works.

Anyway, here's how you use it.

1) Make sure that you've set "ALLOW_MODE_640 = True" in /etc/tmdarc

2) Make sure that all ~/.tmda/config and ~/.tmda/crypt_key have
   their group set to "mail", and have perms 640.

3) Add the following to master.cf:

tmda    unix  -       n       n       -       -       spawn
  user=mail argv=/bin/bash /usr/local/src/tmda/contrib/tmda-postfix-policy.sh

4) Add the following to main.cf:

smtpd_recipient_restrictions =
        permit_mynetworks,
        check_policy_service unix:private/tmda

(Alternatively, you could add this to smtpd_data_restrictions or
smtpd_end_of_data_restrictions)

5) Restart postfix


Here's the file:


#!/bin/bash

export PATH=/usr/local/bin:/usr/bin:/bin
TMDABIN=/usr/local/src/tmda/bin

check() {

        ## determine which user's TMDA config will apply
        USER=`printf '%s\n' "$recip" | cut -f1 -d@ | cut -f1 -d-`
        ## exact match on the login field: $USER is taken from the envelope
        ## recipient, so it must not be used as an unanchored grep pattern
        export HOME=`awk -F: -v u="$USER" '$1 == u { print $6; exit }' /etc/passwd`

        ## Permit unless the user has a non-empty, readable ~/.tmda/config
        ## and a readable ~/.tmda/crypt_key
        if [ -z "$HOME" ] || [ ! -s "$HOME/.tmda/config" ] ||
           [ ! -r "$HOME/.tmda/config" ] || [ ! -r "$HOME/.tmda/crypt_key" ]; then
                /usr/bin/logger -p mail.info -t postfix/tmda "Permitting email received for non-TMDA user $USER"
                echo action=permit
                echo
                ## send exactly one reply per request
                return
        fi

        ## Check if sender & recip match anything in the incoming filter
        ## files.  Both addresses are quoted so they stay single arguments.
        "$TMDABIN/tmda-filter" -M "$recip" "$sender" | grep MATCH | grep -q 'bounce$'

        ## If they find something in the filters, dispose of the message.
        if [ $? = 0 ]; then
                /usr/bin/logger -p mail.info -t postfix/tmda "Rejecting email received from $sender to $recip"
                echo "action=reject Message rejected by recipient (TMDA)."
                echo
        else
                /usr/bin/logger -p mail.info -t postfix/tmda "Permitting email received from $sender to $recip"
                echo action=permit
                echo
        fi

}

## Extract sender & recipient addresses
## -r keeps backslashes in attribute values intact
while IFS='=' read -r var val; do
        case "x$var" in
                "xrecipient")
                        recip="$val";;
                "xsender")
                        sender="$val";;
                "x")
                        ## empty line marks the end of one request
                        if [ -z "$sender" ]; then
                                echo action=permit
                                echo
                        else
                                check
                        fi;;
                *)      ;;
        esac
done
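
The same policy exchange sketched in Python, as an added example that is not part of the original post or of TMDA. It keeps the script's actions and its tmda-filter -M call; the function names, the account-name pattern in USER_RE and the 10-second timeout are assumptions made for the illustration.

```python
import pwd, re, subprocess, sys

TMDA_FILTER = "/usr/local/src/tmda/bin/tmda-filter"  # TMDABIN path from the post
PASS = "permit"  # as in the post; "dunno" would let later restrictions still run
USER_RE = re.compile(r"^[a-z_][a-z0-9_.]{0,31}$")  # assumption: account-name policy

def read_request(stream):
    """One name=value request ending at an empty line; None at EOF."""
    attrs = {}
    for line in stream:
        name, sep, value = line.rstrip("\n").partition("=")
        if not (name or sep):  # empty line ends the request
            return attrs
        attrs[name] = value
    return None

def local_user(recipient):
    """user-ext@domain -> user, or None unless it is a plain account name."""
    user = recipient.split("@", 1)[0].split("-", 1)[0].lower()
    return user if USER_RE.match(user) else None

def home_of(user):
    try:
        return pwd.getpwnam(user).pw_dir  # exact-match lookup, no regex
    except KeyError:
        return None

def tmda_bounces(recipient, sender, home):
    """Run tmda-filter -M with an argument list (no shell); True on a bounce match."""
    env = {"HOME": home, "PATH": "/usr/local/bin:/usr/bin:/bin"}
    out = subprocess.run([TMDA_FILTER, "-M", recipient, sender], env=env,
                         capture_output=True, text=True, timeout=10).stdout
    return any("MATCH" in l and l.rstrip().endswith("bounce") for l in out.splitlines())

def decide(attrs, home_of=home_of, bounces=tmda_bounces):
    sender, recipient = attrs.get("sender", ""), attrs.get("recipient", "")
    user = local_user(recipient)
    # Null sender, odd local part or option-like sender never reaches tmda-filter.
    home = home_of(user) if sender and user and not sender.startswith("-") else None
    try:
        if home and bounces(recipient, sender, home):
            return "reject Message rejected by recipient (TMDA)."
    except (OSError, subprocess.SubprocessError):
        pass  # filter missing or hung: fall through to PASS
    return PASS

def serve(stdin=sys.stdin, stdout=sys.stdout, **kw):
    for attrs in iter(lambda: read_request(stdin), None):
        print("action=%s\n" % decide(attrs, **kw), file=stdout, flush=True)
```

To run it from the spawn entry in master.cf, end the file with a call to serve(). The home_of and bounces parameters exist so the decision logic can be exercised without a TMDA installation.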
