5 messages in net.sourceforge.lists.courier-maildrop[maildropl] Re: xfilter with anomy sa...
FromSent OnAttachments
Chris BrintonMay 27, 2003 7:38 am 
Sam VarshavchikMay 27, 2003 8:08 am 
EmilianoMay 27, 2003 11:07 am 
Gerardo A. GregoryMay 27, 2003 11:35 am 
EmilianoMay 27, 2003 12:04 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:[maildropl] Re: xfilter with anomy sanitizerActions...
From:Emiliano (emil@climafin.com.ar)
Date:May 27, 2003 12:04:39 pm
List:net.sourceforge.lists.courier-maildrop

Well, my sanitizer permissions look like this. -rwxr-xr-x 1 vmail emiliano 5051 sep 18 2002 /usr/root/anomy/bin/sanitizer.pl The cfg file. -rw-r--r-- 1 vmail vmail 3177 may 13 14:31 /usr/local/anomy/sanitizer.cfg

My /usr/local/anomy/sanitizer.cfg ( sorry, very long... ) # Do not log to STDERR: feat_log_stderr = 0

# Don't insert log in the message itself: feat_log_inline = 0

# Advertisement to insert in each mail header: header_info = X-Sanitizer: Filtro de Mail header_url = 0 header_rev = 0

# Enable filename based policy decisions: feat_files = 1

# Protect against buffer overflows and null values: feat_lengths = 1

# Replace MIME boundaries with our own: ( decia 1 ) feat_boundaries = 0

# Fix invalid and ambiguous MIME boundaries, if possible: feat_fixmime = 1

# Trust signed and/or encrypted messages: feat_trust_pgp = 1

msg_pgp_warning = WARNING: Unsanitized content follows.\n # Defang shell scripts:( decia 0 ) feat_scripts = 1

# Defang active HTML: feat_html = 1

# Defang UUEncoded files: feat_uuencoded = 1

# Sanitize forwarded content too: feat_forwards = 1

# Testing? Set to 1 for testing, 0 for production: feat_testing = 0

# # Warn user about unscanned parts, etc. feat_verbose = 1

# Force all parts (except text/html parts) to # have file names. feat_force_name = 1

# Disable web bugs: feat_webbugs = 1

# Disable "score" based mail discarding: score_panic = 0 score_bad = 0 msg_file_drop = \n*****\n msg_file_drop += NOTA: Un archivo adjunto llamado %FILENAME fue eliminado de este mensaje msg_file_drop += porque contiene un Ejecutable de Windows o msg_file_drop += otro tipo de archivo peligroso para el sistema. msg_file_save = \n*****\n msg_file_save += NOTA: Adjunto %FILENAME removido por cuestiones de Seguridad en el Sistema.\n msg_file_save += ( es muy probable que sea un virus ).\n msg_file_save += Para recuperalo contacte a SISTEMAS.

## ## File attachment name mangling rules: ## # Specify the Anomy temp file and quarantine directory #file_name_tpl = /var/cuarentena/ojo-$F-$T.$$ file_name_tpl = /var/cuarentena/ojo-$F-notocar

# Number of rulesets we are defining: file_list_rules = 2 file_default_policy = defang

# Delete probably nasty attachments: file_list_1_scanner = 0 file_list_1_policy = save file_list_1 = (?i)(winmail.dat)| file_list_1 += (\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf file_list_1 += |asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$

# Allow known "safe" file types and those that will be # scanned by the user's desktop virus scanner: file_list_2 = (?i)\.

# Word processor and document formats: file_list_2 += (doc|dot|txt|rtf|pdf|ps|htm|[sp]?html? # Spreadsheets: file_list_2 += |xls|xlw|xlt|csv|wk[1-4]

# Presentation applications: file_list_2 += |ppt|pps|pot

# Bitmap graphic files: file_list_2 += |jpe?g|gif|png|tiff?|bmp|psd|pcx

# Vector graphics and diagramming: file_list_2 += |vsd|drw|cdr|swf

# Multimedia: file_list_2 += |mp3|avi|mpe?g|mov|ram?|mid|ogg

# Archives: file_list_2 += |zip|g?z|rar|tgz|bz2|tar

# Source code: file_list_2 += |[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas) file_list_2_policy = save file_list_2_scanner = 0

But, still the same error

May 27 15:45:38 linux2 postfix/local[15520]: 6FC09A514: to=<emil@mail.climafin.com.ar>, relay= local, delay=0, status=deferred (temporary failure. Command output: bash: /usr/local/anomy/sanitiz er.pl: Permission denied maildrop: error writing to filter. /usr/local/bin/maildrop: Unable to fil ter message. )

Thanks for your help Emiliano

----- Original Message ----- From: "Gerardo A. Gregory" <ggre@affinitas.net> To: "Emiliano" <emil@climafin.com.ar> Cc: <cour@lists.sourceforge.net> Sent: Tuesday, May 27, 2003 3:30 PM Subject: Re: xfilter with anomy sanitizer

Look at your permissions, for both your .mailfilter file and also for your anomy perl script (must be executble - if I remmember correctly when using .mailfilter files the "users" uid/gid are being used, so if the anomy script is not executable by the "user" it will not work)

sanitizer.pl should have -rwxr-xr-x and the config file there should be read permissions for the owner/group/everyone else....

If these are ok, check your anomy config, I had also been unable to filter the messages with a bad config file.

hope this helps, good luck!

Gerardo

Emiliano writes:

Hello to everyone. I have Postfix+mysql+maildrop with virtual users working. Now I want to add anomy sanitizer to my .mailfilter file. So I put:

ANOMY=/usr/local/anomy/ xfilter "/usr/local/anomy/bin/sanitizer.pl /usr/local/anomy/anomy.conf"

And my logs says: May 27 14:54:10 linux2 postfix/local[15195]: 9D5D3A517: to=<emil@climafin.com.ar>, relay= local, delay=1, status=deferred (temporary failure. Command output: bash: /usr/local/anomy/sanitiz er.pl: Permission denied maildrop: error writing to filter. /usr/local/bin/maildrop: Unable to fil ter message. )

Any Ideas..? Thanks... Emiliano.

_______________________________________________ Courier-maildrop mailing list Cour@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/courier-maildrop

Gerardo A. Gregory Manager Network Administration and Security 402-970-1463 (Direct) 402-850-4008 (Cell) ------------------------------------------------ Affinitas - Latin for "Relationship" Helping Businesses Acquire, Retain, and Cultivate Customers Visit us at http://www.affinitas.net