 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
10 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Maildrop problem| From | Sent On | Attachments |
|---|---|---|
| Jérôme Blion | May 17, 2007 3:30 pm | |
| Jeff Jansen | May 17, 2007 8:44 pm | |
| Jérôme Blion | May 18, 2007 4:33 am | |
| Aldisa Admin | May 18, 2007 5:49 am | |
| Jérôme Blion | May 18, 2007 6:22 am | |
| Alessandro Vesely | May 18, 2007 8:40 am | |
| mouss | May 18, 2007 3:03 pm | |
| Jérôme Blion | May 18, 2007 7:30 pm | |
| Sam Varshavchik | May 18, 2007 8:21 pm | |
| Jérôme Blion | May 19, 2007 5:50 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [courier-users] Maildrop problem | Actions... |
|---|---|---|
| From: | Jérôme Blion (jero...@free.fr) | |
| Date: | May 18, 2007 7:30:37 pm | |
| List: | net.sourceforge.lists.courier-users | |
Hello,
Here is one of the mail I sent: (coucou means hello in french :) ). It's the final output.
============================ START OF MAIL ============================
X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on serveur
X-Spam-Level:
X-Spam-Status: No, score=-0.1 required=5.0 tests=ALL_TRUSTED,MISSING_SUBJECT
autolearn=ham version=3.1.7-deb
Delivered-To: jer...@hebergement-pro.org
Return-Path: <ro...@hebergement-pro.org>
Received: from localhost (localhost [127.0.0.1])
(uid 0)
by serveur.hebergement-pro.org with local; Sat, 19 May 2007 03:28:59 +0200
id 0024826B.464E52DB.00007BD8
Date: Sat, 19 May 2007 03:28:59 +0200
To: jer...@hebergement-pro.org
User-Agent: Heirloom mailx 12.1 6/15/06
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: root <ro...@hebergement-pro.org>
Message-ID: <cour...@serveur.hebergement-pro.org>
X-Virus-Status: No
X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ClamAV
0.90.2/3268/Fri May 18 20:21:18 2007 signatures 43.
coucou
============================= END OF MAIL =============================
Alessandro Vesely a écrit :
Removing just the "exit" should deliver the message that matched your "X-Virus-Status". Next you have two choices:
1) Remove just the "exit" instruction so that the message gets delivered. Check the timestamp of /tmp/maildrop/virus and the delivered message. The header isn't there? Try capturing it, e.g.,
if( /^(X-Virus-Status: INFECTED.*)/:h ) { `echo "$MATCH" > /tmp/maildrop/virus` }
Great idea ! I should have thought about it earlier!
# echo "coucou" | mail jer...@hebergement-pro.org # ll total 4 -rw-rw---- 1 daemon daemon 1 May 19 03:29 virus serveur:/tmp/maildrop# more virus
#
(It's the good timestamp... I use a .courier on my personal account to enable maildrop filtering... and I have no friends :-D )
2) Run maildrop in verbose mode, see http://www.courier-mta.org/maildrop.html you can log in as courier or run, e.g.,
su -c 'cat mymsg | maildrop -V 7 fifi' courier
where fifi is maildrop's recipe, mymsg is the message file, and courier is the owner of fifi.
Either choice should bring evidence about what matches your regex
# cat mail Return-Path: <ro...@hebergement-pro.org> Date: Sat, 19 May 2007 03:28:59 +0200 To: jer...@hebergement-pro.org User-Agent: Heirloom mailx 12.1 6/15/06 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit From: root <ro...@hebergement-pro.org> Message-ID: <cour...@serveur.hebergement-pro.org>
# more /usr/lib/courier/etc/maildroprc SCANSIZE="200000000"
if( $SIZE < $SCANSIZE ) { exception { xfilter "/usr/local/clamav/bin/clamassassin" xfilter "/usr/bin/spamc" } }
if( /^(X-Virus-Status: Yes.*)/:h ) { `echo "$MATCH" > /tmp/maildrop/virus` }
(Headers have changed in the night)
# maildrop -V 7 < /tmp/maildrop/mail maildrop: Changing to /root Message start at 0 bytes, envelope sender=root /usr/lib/courier/etc/maildroprc(1): SCANSIZE="200000000" /usr/lib/courier/etc/maildroprc(3): Evaluating IF condition. /usr/lib/courier/etc/maildroprc(3): Operation on: 348 and 200000000 - less than, result is 1 /usr/lib/courier/etc/maildroprc(3): IF evaluated, result=1 /usr/lib/courier/etc/maildroprc(5): Trapping exceptions. maildrop: Filtering through xfilter /usr/local/clamav/bin/clamassassin maildrop: Filtering through xfilter /usr/bin/spamc /usr/lib/courier/etc/maildroprc(5): Exception trapping removed. /usr/lib/courier/etc/maildroprc(11): Evaluating IF condition. Matching /^(X-Virus-Status: Yes.*)/ against Return-Path: <ro...@hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on serveur Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Level: ** Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Status: No, score=2.8 required=5.0 tests=EMPTY_MESSAGE,MISSING_SUBJECT, NO_RECEIVED,NO_RELAYS autolearn=no version=3.1.7-deb Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Date: Sat, 19 May 2007 03:28:59 +0200 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against To: jer...@hebergement-pro.org Not matched. Matching /^(X-Virus-Status: Yes.*)/ against User-Agent: Heirloom mailx 12.1 6/15/06 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against MIME-Version: 1.0 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Content-Type: text/plain; charset=us-ascii Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Content-Transfer-Encoding: 7bit Not matched. Matching /^(X-Virus-Status: Yes.*)/ against From: root <ro...@hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Message-ID: <cour...@serveur.hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Virus-Status: No Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ClamAV 0.90.2/3268/Fri May 18 20:21:18 2007 signatures 43. Not matched. /usr/lib/courier/etc/maildroprc(11): Search of ^(X-Virus-Status: Yes.*) = 0 /usr/lib/courier/etc/maildroprc(11): IF evaluated, result=0 maildrop: Filtering through `echo "$MATCH" > /tmp/maildrop/virus` maildrop: Attempting .mailfilter maildrop: Delivering to ./Maildir maildrop: Flock()ing ./Maildir. maildrop: Appending to ./Maildir. maildrop: Delivery complete.
========= Here is a test with a virus attached to the mail (clam.exe) =========
# maildrop -V 7 < mail_virus maildrop: Changing to /root Message start at 0 bytes, envelope sender=root /usr/lib/courier/etc/maildroprc(1): SCANSIZE="200000000" /usr/lib/courier/etc/maildroprc(3): Evaluating IF condition. /usr/lib/courier/etc/maildroprc(3): Operation on: 1754 and 200000000 - less than, result is 1 /usr/lib/courier/etc/maildroprc(3): IF evaluated, result=1 /usr/lib/courier/etc/maildroprc(5): Trapping exceptions. maildrop: Filtering through xfilter /usr/local/clamav/bin/clamassassin maildrop: Filtering through xfilter /usr/bin/spamc /usr/lib/courier/etc/maildroprc(5): Exception trapping removed. /usr/lib/courier/etc/maildroprc(11): Evaluating IF condition. Matching /^(X-Virus-Status: Yes.*)/ against Return-Path: <ro...@hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Checker-Version: SpamAssassin 3.1.7-deb (2006-10-05) on serveur Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Level: Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Spam-Status: No, score=-1.4 required=5.0 tests=ALL_TRUSTED autolearn=failed version=3.1.7-deb Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Received: from localhost (localhost [127.0.0.1]) (uid 0) by serveur.hebergement-pro.org with local; Sat, 19 May 2007 04:08:38 +0200 id 00248710.464E5C26.000020B2 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Date: Sat, 19 May 2007 04:08:38 +0200 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against To: jer...@hebergement-pro.org Not matched. Matching /^(X-Virus-Status: Yes.*)/ against User-Agent: Heirloom mailx 12.1 6/15/06 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Mime-Version: 1.0 Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Content-Type: multipart/mixed; boundary="=_serveur-8370-1179540518-0001-2" Not matched. Matching /^(X-Virus-Status: Yes.*)/ against From: root <ro...@hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Message-ID: <cour...@serveur.hebergement-pro.org> Not matched. Matching /^(X-Virus-Status: Yes.*)/ against Subject: COUCOU Not matched. Matching /^(X-Virus-Status: Yes.*)/ against X-Virus-Status: Yes /usr/lib/courier/etc/maildroprc(11): Search of ^(X-Virus-Status: Yes.*) = 1 /usr/lib/courier/etc/maildroprc(11): IF evaluated, result=1 maildrop: Filtering through `echo "$MATCH" > /tmp/maildrop/virus` maildrop: Attempting .mailfilter maildrop: Delivering to ./Maildir maildrop: Flock()ing ./Maildir. maildrop: Appending to ./Maildir. maildrop: Delivery complete.
# cat /tmp/maildrop/virus X-Virus-Status: Yes
==========================================================
I don't see anything in the latest Changelog about maildrop between my version (0.54) and the latest one. Now, it's sure... I'm stuck... I see that Maildrop matches (or not) the header as expected. But in all cases, it enters in the if statement...
Can someone give some ideas?
Jerome Blion...