
Subject header check question


Stefan Parvu

Mar 6, 2022, 2:40:04 PM
Hi,

I need a bit of help to understand what I'm doing wrong. From the BAT book I have tried to reuse 7.3.1 Virus Screening by Subject on FreeBSD 13 with sendmail 8.17.1.

I have created a flat file where I keep some email subjects, called spamsubjects. The content of the file is something like this:

This is a spam REJECT
Another line REJECT

and create a hash out of it using makemap.
makemap -t\tab hash spamsubjects < spamsubjects

Then inside my .mc file I have defined:

LOCAL_CONFIG
Kspamsubdb hash /etc/mail/spamsubjects
HSubject: $>ScreenSubject

LOCAL_RULESETS
SScreenSubject
R $* $: $(spamsubdb $&{currHeader} $: OK $) $1
R REJECT $* $#error $: "553 Subject:" $1 ": Not allowed"

But it does not work. Nothing gets blocked. Any ideas what I am doing wrong?

Thanks,
Stefan

Stefan Parvu

Mar 6, 2022, 2:41:07 PM
> This is a spam REJECT
> Another line REJECT

In the real file, I have TAB between the spam subject and REJECT.

Claus Aßmann

Mar 7, 2022, 5:26:11 AM
Stefan Parvu wrote:

> This is a spam REJECT

> makemap -t\tab hash spamsubjects < spamsubjects

> Kspamsubdb hash /etc/mail/spamsubjects
> HSubject: $>ScreenSubject

> SScreenSubject
> R $* $: $(spamsubdb $&{currHeader} $: OK $) $1
> R REJECT $* $#error $: "553 Subject:" $1 ": Not allowed"

> But it does not work. Nothing gets blocked. Any ideas what I am doing wrong?

"It's complicated"

op.txt: {currHeader} ... ``Header value as quoted string''
which means
'a b c'
is represented as
'" a b c "'
BUT for the map lookup the quotes are removed leaving us with:
' a b c'
"interesting", isn't it?

So this should work:
This is a spam REJECT
(space.........tab)

In general it is better to use a regex map to match the values
of "unstructured" headers (non-address fields).


--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting the time of all readers.

Stefan Parvu

Mar 7, 2022, 5:41:29 AM
Thanks for the message.

> So this should work:
> This is a spam REJECT
> (space.........tab)

Let me see if I understood you correctly. Are you saying I should reformat my spamsubjects file? Not to use spaces within?
Or

Even if I have a single word like:

MYPATTERN\tabREJECT

won't work

Claus Aßmann

Mar 7, 2022, 5:53:14 AM
Stefan Parvu wrote:

> > This is a spam REJECT
> > (space.........tab)

What removed the leading space and changed the TAB?

> Let me see if I understood you correctly. Are you saying I should reformat my
> spamsubjects file? Not to use spaces within?

No. The LHS must be (without the quotes):
`` This is a spam''
that is, it has a _leading_ space.

Run something like
sendmail -bs -d38.20 -d39.20
...
to see what's going on (or start a daemon with
-D/tmp/sm.log -d89.9 -d38.20 -d39.20
and send a message through it).
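
The leading-space requirement described above, as an added example that is not part of the original posts: a shell helper (the name prepare_subject_map is hypothetical) that rewrites a subject<TAB>action list so every key starts with one space before the list is given to makemap. It assumes one entry per line, that lines starting with # are comments, and that a single leading space is the right prefix, as stated in the thread.

```shell
#!/bin/sh
# Added example, not from the thread: prepare_subject_map is a hypothetical helper.
# stdin : lines of the form  subject<TAB>action   (e.g. "This is a spam<TAB>REJECT")
# stdout: the same entries with exactly one leading space on the key, which is
#         the form the thread says the looked-up {currHeader} value has once its
#         quotes are removed.
# Exit status is non-zero if any line had to be skipped, so a build script can
# stop before rebuilding the map from an incomplete list.
prepare_subject_map() {
    awk -F '\t' '
        /^[ \t]*#/ || /^[ \t]*$/ { next }       # skip comments and blank lines
        NF != 2 || $1 ~ /^ *$/ || $2 == "" {    # no TAB, extra TABs, empty key or action
            printf "line %d: expected subject<TAB>action, skipped\n", NR > "/dev/stderr"
            bad = 1
            next
        }
        {
            key = $1
            sub(/^ +/, "", key)                 # drop any leading spaces already present
            printf " %s\t%s\n", key, $2         # re-add exactly one leading space
        }
        END { exit bad }
    '
}

# Constructed sample input, modelled on the spamsubjects file in the thread.
# The output is what would be passed to makemap in place of the raw file.
printf 'This is a spam\tREJECT\nAnother line\tREJECT\n' | prepare_subject_map
```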

Stefan Parvu

Mar 7, 2022, 6:03:04 AM
> `` This is a spam''
> that is, it has a _leading_ space.

Huh. Got it. 10 x thanks.
It works fine. I will continue experimenting with this.

Thanks again!

Stefan Parvu

Mar 7, 2022, 8:51:23 AM

> In general it is better to use a regex map to match the values
> of "unstructured" headers (non-address fields).

How could I change and improve the rulesets to use a regex map to match the values from my spam subject file?
Is it difficult? Any pointers?


Right now, I'm using something like this:

LOCAL_RULESETS
SScreenSubject
R $* $: $(subdb $&{currHeader} $: OK $) $1
R REJECT $* $#error $: "553 Subject:" $1 ": Not allowed"

Thank you
Stefan

Claus Aßmann

Mar 7, 2022, 3:22:51 PM
Stefan Parvu wrote:

> how could I change and improve the rulesets to use a regex map to match the
> values from my spam subject file?

You would have to put all of the data into the regex. If you have
many entries or if you change the content often, then it might be
better to use milter-regex so you don't have to restart sendmail
after each change.

Otherwise it's fairly simple: just replace the map definition,
e.g., something like this:
Kspamsubdb regex (This is spam|Another line)

Stefan Parvu

Mar 8, 2022, 3:48:07 AM

> You would have to put all of the data into the regex. If you have
> many entries or if you change the content often, then it might be
> better to use milter-regex so you don't have to restart sendmail
> after each change.

I see. I'm not familiar with milter-regex (plugins to sendmail
written in C AFAIK) but probably will just use the basic regex
within the ruleset. Let's see if I can make it happen.

>
> Otherwise it's fairly simple: just replace the map definition,
> e.g., something like this:
> Kspamsubdb regex (This is spam|Another line)

Thanks