2019-09-20 - hschneider, Admin
Cookie Disclaimer: This forum uses only essential, anonymous session cookies (xmailforum*), nothing to be scared of.
XMail Forum · Newbies read here ! All about SMTP,MX-Records,DNS etc. | Help Search Members Calendar |
Welcome Guest ( Log In | Register ) | Resend Validation Email |
speedracer05 |
Posted: Jul 23 2002, 11:18 PM
|
Newbie Group: Members Posts: 5 Member No.: 222 Joined: 23-July 02 |
First off, I would like to thank Davide for such a great product. I have been using xmail for about 8 months and have never had any issues with my mailserver I recommend Xmail to everyone.
I'm running a Linux box with Xmail version 1.5 and have been trying to cut-down on the amount of spam I'm receiving using Mail::Audit and SpamAssassin. Unfortunately, I cannot get Mail::Audit to read my incoming mail... here is what's happening: I have a script to test SpamAssassin in the /var/MailRoot/bin directory (of course, I have a .tab file setup in the /var/MailRoot/filters directory that calls this script)... here is what the script looks like: /var/MailRoot/bin/test.pl #!/usr/bin/perl use Mail::Audit use Mail::SpamAssassin my $mail = Mail::Audit->new() my $spamtest = Mail::SpamAssassin->new() my $status = $spamtest->check($mail) if ($status->is_spam ()) { $status->rewrite_mail() $mail->accept("/var/MailRoot/spam") } else { $mail->accept() } All incoming mail is directed to the /var/MailRoot/spam/new directory and tagged as spam because Mail::Audit does not read the mail and all fields are left blank (to, from, subject... etc.). Here is the mail that is received and filtered by SpamAssassin: /var/MailRoot/spam/new/235625.245_1.ns From: Subject: *****SPAM***** X-Spam-Status: Yes, hits=11.8 required=5.0 tests=FROM_MALFORMED,REPLY_TO_EMPTY,TO_EMPTY,SUBJ_MISSING, TO_MALFORMED,INVALID_DATE,MISSING_HEADERS version=2.31 X-Spam-Flag: YES X-Spam-Level: *********** X-Spam-Checker-Version: SpamAssassin 2.31 (devel $Id: SpamAssassin.pm,v 1.94.2.2 2002/06/20 17:20:29 hughescr Exp $) Lines: 2 SPAM: -------------------- Start SpamAssassin results ---------------------- SPAM: This mail is probably spam. The original message has been altered SPAM: so you can recognise or block similar unwanted mail in future. SPAM: See http://spamassassin.org/tag/ for more details. SPAM: SPAM: Content analysis details: (11.8 hits, 5 required) SPAM: FROM_MALFORMED (3.7 points) From: has a malformed address SPAM: REPLY_TO_EMPTY (2.6 points) Reply-To: is empty SPAM: TO_EMPTY (1.4 points) To: is empty SPAM: SUBJ_MISSING (1.4 points) Subject: is empty or missing SPAM: TO_MALFORMED (1.1 points) To: has a malformed address SPAM: INVALID_DATE (0.5 points) Invalid Date: header (not RFC 822) SPAM: MISSING_HEADERS (1.1 points) Missing To: header SPAM: SPAM: -------------------- End of SpamAssassin results --------------------- If anyone has successfully configured SpamAssassin with Xmail, your help would be greatly appreciated. Also, if you have any other suggestions for filtering spam, I'm open to any suggestions. Thank you. |
CyberUX |
Posted: Jul 24 2002, 05:59 AM
|
Member Group: Members Posts: 74 Member No.: 217 Joined: 20-July 02 |
Hi,
i have not tested XMail with spam problems yet, but there is an internal spam-address-filtering method for XMail. You can use: SPAMMERS.TAB Description--> Set up a ban list for spammers based on ip address and a netmask SYNTAX--> "ipaddr"[TAB]"netmask"[NEWLINE] Ex-->. "212.131.173.0"[TAB]"255.255.255.0"[NEWLINE] register all hosts of the class "C" network "212.131.173.XXX" as spammers, and block them the use of XMail SMTP server. SPAM-ADDRESS.TAB Description--> Set up a ban list for spammers based on email address SYNTAX--> "spam-address"[NEWLINE] Ex. "*@rude.net"[NEWLINE] "*-admin@even.more.rude.net"[NEWLINE] will block mails coming from the entire domain rude.net and comig from all addresses that end with -admin@even.more.rude.net. These are for known addresses or IP of spamers Edited by CyberUX |
hschneider |
Posted: Jul 24 2002, 10:35 AM
|
No - I'm not an answering script ... Group: Admin Posts: 6631 Member No.: 195 Joined: 19-June 02 |
Speedracer05,
please send your mailproc.tab for further investigations ... If possible, also send an unprocessed mail before it is consumed by mail::audit. Bye, Harald Edited by - hschneider on 24 July 2002 11:41:24 |
speedracer05 |
Posted: Jul 24 2002, 07:34 PM
|
Newbie Group: Members Posts: 5 Member No.: 222 Joined: 23-July 02 |
CyberUX -
Thank you for the fast reply. Currently, I have a growing spam-address.tab file in place. Because there is a large amount of spam hitting my server, I was hoping to automate the spam rejection process. I have checked various sites for a pre-compiled list of known spammers that I could insert into the spam-address.tab and spammers.tab files, but haven't located such a list yet. Harald - Thank you for your quick reply too. I was under the impression that I could filter the mail from the /var/MailRoot/filters directory without a mailproc.tab file in place. Would filtering using the mailproc.tab file be a better solution? Here is another example using Mail::Audit: /var/MailRoot/bin/test.pl #!/usr/bin/perl use Mail::Audit $item = Mail::Audit->new() open (LOG, ">>/var/MailRoot/logs/filterlog") my $from = $item->from() my $to = $item->to() my $subject = $item->subject() chomp($from, $to, $subject) print LOG ("From: $from ") print LOG ("To: $to ") print LOG ("Subject: $subject ") ________________________________________________ The resulting log file looks like this (blank fields): /var/MailRoot/logs/filterlog From: To: Subject: ________________________________________________ And this is the orginal email message (you can apply this to my first post... same email test): Return-Path: <myemailaddress@hotmail.com> Delivered-To: mymail@mydomain.com Received: from hotmail.com (207.68.163.33) by ns.mydomain.com (192.168.0.0) with [XMail 1.5 (Linux/Ix86) ESMTP Server] id <S11D3> for <mymail@mydomain.com> from <myemailaddress@hotmail.com> Wed, 24 Jul 2002 11:06:03 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC Wed, 24 Jul 2002 11:06:02 -0700 Received: from xx.xx.xx.xxx by sea1fd.sea1.hotmail.msn.com with HTTP Wed, 24 Jul 2002 18:06:02 GMT X-Originating-IP: [xx.xx.xx.xxx] From: "me" <myemailaddress@hotmail.com> To: mymail@mydomain.com Subject: test Date: Wed, 24 Jul 2002 11:06:02 -0700 Mime-Version: 1.0 Content-Type: text/plain format=flowed Message-ID: <F33GJ2TUSzbAUfKRfcj00019b4d@hotmail.com> X-OriginalArrivalTime: 24 Jul 2002 18:06:02.0593 (UTC) FILETIME=[C5981D10:01C2333C] test _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com As you can see, this shouldn't be labeled as spam (refering to my original post), but SpamAssassin thinks all fields are blank and filters accordingly. Thank you for your help! |
hschneider |
Posted: Jul 24 2002, 08:48 PM
|
No - I'm not an answering script ... Group: Admin Posts: 6631 Member No.: 195 Joined: 19-June 02 |
Hi,
>I was under the impression that I could filter the mail from the /var/MailRoot/filters >directory without a mailproc.tab file in place. Would filtering using the mailproc.tab >file be a better solution? No, you can also use filters/ ... I think here is the prob: Mail::Audit relies on RFC-conform messages, but the spool files have the following structure: SmtpDomain [ 1st line ] SmtpMessageID [ 2nd line ] MAIL FROM:<...> [ 3th line ] RCPT TO:<...> [ 4th line ] <<MAIL-DATA>> [ 5th line ] ... So line 1,2,5 cannot be handled and Mail::Audit and parsing results in empty header fields. Altering this format is forbidden, when writing filtes. Solution: Convert the spool file before handing it out to Mail::Audit and even make sure, that the result is in spool format again. Bye, Harald |
hschneider |
Posted: Jul 25 2002, 09:43 AM
|
No - I'm not an answering script ... Group: Admin Posts: 6631 Member No.: 195 Joined: 19-June 02 |
Hi,
here some Python code .. it's easy to convert to Perl :) def spool2mail(self): """ Converts spool format to RFC conform mail format """ # Split into 3 parts and skip first 2 lines (id1,id2,mail) = string.split(spoolfile," ",2) # Remove mail_data line return(string.replace(mail,"<<MAIL-DATA>> ",'')) You can also compile and run econv.c from Davide's site, but this will destroy your mail envelope. Bye, Harald Edited by - hschneider on 25 July 2002 10:45:02 |
speedracer05 |
Posted: Jul 25 2002, 05:43 PM
|
Newbie Group: Members Posts: 5 Member No.: 222 Joined: 23-July 02 |
Hello Harald,
Thank you for all your help. Your code example is really helpful also. Thank you |
hschneider |
Posted: Jul 25 2002, 06:03 PM
|
No - I'm not an answering script ... Group: Admin Posts: 6631 Member No.: 195 Joined: 19-June 02 |
Hi,
you're welcome :) Let me know, when you have managed an interface to Mail::Audit. Your experience will be very helpful for other people in the community. Bye, Harald |