 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
4 messages in net.sourceforge.lists.courier-maildropRe: [maildropl] calling local and glo...| From | Sent On | Attachments |
|---|---|---|
| Peter Davies | Apr 25, 2004 7:51 pm | |
| Joaquim Laureano | Apr 26, 2004 3:59 am | |
| Tony Earnshaw | Apr 26, 2004 6:29 am | |
| Ajay Sharma | Apr 26, 2004 5:30 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: [maildropl] calling local and global maildrop filters that call spamassasin | Actions... |
|---|---|---|
| From: | Joaquim Laureano (laur...@lusostar.com) | |
| Date: | Apr 26, 2004 3:59:52 am | |
| List: | net.sourceforge.lists.courier-maildrop | |
Peter,
It seems that we have different setups, I am using only the courier-imap with postfix and maildrop while you seems to be using the full fledge courier. I will stay away from any conjecture of how you should setup your system because you only provide information about the filtering scripts. However you might still get some useful ideas from the information that I have provided to others. See it below.
I would like to call your attention to the fact that you want to stop delivery
of
spam email. Are you providing email service to yourself only or to paying
customers? The reason that I ask this question is that, if I understand it
correctly, stopping delivery of email, even if it is spam, can be unlawful. To
avoid any problem with the law I deliver all email, but the one that is detected
to be spam, or has a small degree of being spam, is delivered to specifically
labeled folders.
---------------------------------------------------------------------------------------------
postfix: main.cf --------------------- (I do not use the "mailbox_command=/usr/local/maildrop/bin/maildrop") virtual_transport = maildrop
postfix: master.cf
------------------------
maildrop unix - n n - - pipe
flags=DRhqu user=vmail:vmail argv=/usr/local/bin/maildrop -d ${recipient} -f
${sender} ${extension} -w 80
maildrop: /etc/maildroprc --------------------------------- (the other day someone argued that "cc "|/usr/bin/sa-learn --single --ham"" is an unnecessary step)
VHOME="/home/vmail/vhosts" ACCOUNT=`echo $LOGNAME | cut -d@ -f1` USERDOMAIN=`echo $LOGNAME | cut -d@ -f2`
if ( $SIZE < 26144 ) { exception { xfilter "/usr/bin/spamc" } }
if (/^X-Spam-Flag: *NO/)
{
exception {
to "$VHOME/$USERDOMAIN/$ACCOUNT/Maildir"
cc "|/usr/bin/sa-learn --single --ham"
}
}
else
{
if ( /^X-Spam-Level: *-----.*$/ )
{
if( test -d $VHOME/$USERDOMAIN/$ACCOUNT/.Spam )
{
`maildirmake -f Spam $VHOME/$USERDOMAIN/$ACCOUNT`
`echo INBOX.Spam >>
$VHOME/$USERDOMAIN/$ACCOUNT/courierimapsubscribed`
}
exception { to "$VHOME/$USERDOMAIN/$ACCOUNT/.Spam" } cc "|/usr/bin/sa-learn --single --spam" }
if ( /^X-Spam-Level: *-.*$/ )
{
`test -d $VHOME/$USERDOMAIN/$ACCOUNT/.AssumedSpam`
if( $RETURNCODE == 1 )
{
`maildirmake -f AssumedSpam $VHOME/$USERDOMAIN/$ACCOUNT`
`echo INBOX.AssumedSpam >>
$VHOME/$USERDOMAIN/$ACCOUNT/courierimapsubscribed`
}
exception { to "$VHOME/$USERDOMAIN/$ACCOUNT/.AssumedSpam" } } }
spamassassin: /etc/mail/spamassassin/local.cf --------------------------------------------------------------- report_safe 1 required_hits 9 rewrite_subject 0 subject_tag [SPAM]
# handling headers add_header all Level _STARS(-)_ add_header all Report _REPORT_
# Enable the Bayes system use_bayes 1 bayes_auto_learn 1 bayes_min_ham_num 200 bayes_min_spam_num 200 bayes_auto_learn_threshold_nonspam 0.1 bayes_auto_learn_threshold_spam 12.0 #bayes_path /etc/mail/spamassassin/bayes
# privileged settings allow_user_rules 0
# white list hosted domains whitelist_from *@domain.tld (domain.tld should be changed to a real domain)
# white list for individual email addresses whitelist_from us...@domain.tld
-----------------------------------------
On Sun, 2004-04-25 at 22:51, Peter Davies wrote:
(running unhacked complete courier 0.44.2 on rh9)
can someone help me with the flow involved with the calling of maildrop filters.
in my particular setup i have two methods of calling a maildrop filter, one local and one global.
in ~/.mailfilter/smtpfilter I use a maildrop "include" statement to reference a script that in turn calls either spamc or spamassassin (see * later why I mention both spamc AND spamassassin )
also, I have a file /usr/lib/courier/etc/maildroprc defined that does something similar in that it contains a maildrop "include" statement that calls a maildrop script that also calls spamc or spamassassin.
these two SA calling scripts are only different in that they make a note in the maildrop filter log to specify who the caller was for tracing and debugging purposes. in the remainder of this email i refer to them as either an smtpfilter call or a maildroprc call. (note that each script dumps the maildrop var $MAILFILTER to the maildrop log file. in the case of the smptfilter the $MAILFILTER var contains the string "smtpfilter" - seems reasonable - but following the call from maildroprc the $MAILFILTER var contains a null string.)
there is one other significant difference in the two scripts - i'd love an explanation of this too - i find that for the maildroprc to work correctly (not deliver email upon detection of spam) the EXITCODE must be set to 0 upon detection of spam:
if ( /^X-Spam-Flag: YES/ ) { echo "SpamAssassin (maildroprc) declares this email to be spam" EXITCODE=0 exit }
whereas in the smtpfilter script the EXITCODE must be set to 1 for the email not to be delivered: if ( /^X-Spam-Flag: YES/ ) { echo "SpamAssassin (smtp) declares this email to be spam" EXITCODE=1 exit }
go figure....
now, here is the embarrassing part. I cannot determine why in some cases the smptfilter gets called alone, in other cases the maildroprc filter gets called alone and in some other cases, they both get called and applied to a single piece of email. i clearly do not understand something significant about the flow here. yes - i have read the documentation, searched the internet, checked the mail list archives.
i would have thought that global filtering would have been done first, maildroprc, then the user's local filter, smtpfilter, would follow (if the global filter hand't punted the email as spam) but now i'm not sure...
(*) it seems that sometimes when spamc is specified that the calls cannot be completed as I get a high frequency of msgs in the /var/log/maillog:
Apr 25 15:18:15 aasen courieresmtpd: error,relay=::ffff:205.219.84.13,from=<zmqo...@everymail.net>: 558 450 maildrop: Unable to filter message.
this problem disappears when spamassassin is called explicitly, rather than the daemon, spamd. is there way to debug explicitly why maildrop is unable to filter the msg - clearly we aren't talking about a maildrop language syntax error as sometimes the scripts work. the entries in the /var/log/maillog aren't very helpful. redirecting the spamd log info to a file (spamd -s file) doesn't increase the verbosity or help in any other way.
so, wouldn't you think that putting the call in maildroprc alone would be enough - all i really want is a global filter to call spamassassin and detect spam - i did, and apparently i was wrong. the only way i could get all mail calling SA and subsequently filtered was to add the call from .mailfilter/smtpfilter - but the downside now is that sometimes, just sometimes, both scripts are called (but not always!) what was that about programs behaving deterministically?
and then there is the issue of the maillog msg originators - can someone tell me why sometimes the msg doesn't originate from couriersmtpd but instead courierlocal as in:
Apr 25 18:41:26 aasen courierlocal:
id=000045FB.408C68BE.00004AA1,from=<038...@cse.nagoya-u.ac.jp>,addr=<pet...@davies.com>:
SpamAssassin (maildroprc) declares this email to be spam
Apr 25 05:49:46 aasen courieresmtpd: error,relay=::ffff:66.54.93.250,from=<CfDr...@srcbprs.com>: 558 450 SpamAssassin (smtp) declares this email to be spam
i guess the question here is why does some "external" email get handled by courierlocal where as other external email gets handled by couriersmtpd? its seems that an error detected by the global filter, maildroprc, would be reported by a module named courierlocal. i'm missing something significant here.
hopefully there is enough stupidity in here to provoke mr.sam into making a terse, yet meaningful comment bu yet not too much that there will be no response - the ultimate courier list insult...
thanks for any and all help
peter
------------------------------------------------------- This SF.net email is sponsored by: The Robotic Monkeys at ThinkGeek For a limited time only, get FREE Ground shipping on all orders of $35 or more. Hurry up and shop folks, this offer expires April 30th! http://www.thinkgeek.com/freeshipping/?cpg=12297
_______________________________________________ Courier-maildrop mailing list Cour...@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/courier-maildrop
-- Joaquim Laureano Lusostar Technologies, LLC 291 Old Deal Road Eatontown, NJ 07724 Phone: 732-413-0363 Email: laur...@lusostar.com