|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: nested_header_checks
From: Rob Chanter (robc
adelie.national.com.au)
Date: Thu Apr 01 2004 - 19:04:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Mar 30, 2004 at 08:18:31PM -0500, Victor.Duchovnimorganstanley.com wrote:
> On Wed, 31 Mar 2004, Rob Chanter wrote:
>
> > Speaking of this, I'd really love to be able to set up subqueues within
> > HOLD, so that we can separate phishing bounces from business-as-usual
> > bounces. Something like
> >
> > phishing-addressnational.com.au HOLD/PHISHING oh dear, not again ...
> >
> > Or is this a better case for redirect rules?
> >
>
> Once a message is on hold, you can use periodic hold queue scanners (using
> rename(2)) put it anywhere you want within the same filesystem. The
> refiling need not be done by cleanup(8).
Well, I've already written a rudimentary hold queue scanner (to clean up
after our first couple of phishing attacks), so adding this sort of
functionality is probably not too hard.
> I am just putting the finishing touches on an email quarantine system
> based on a suitably indexed queue hierarchy adjacent to the Postfix hold
> queue.
>
This looks like a better idea than the quarantine system I had in mind.
Something to go away and work on ...
> Once minute messages on "hold" are scanned into the quarantine, the
> metadata is uploaded into a database, and users are sent periodic email
> updates of new message metadata in the database. Users can release
> messages by following links in the summary HTML mail, or going to the
> quarantine website for an up-to-the-minute view.
>
> The whole system, MTA quarantine code, CGI code, database code, man pages,
> test scripts, from-multiple-MTA metadata collection (via rsync) and
> to-multiple-MTA release request propagation (rsync) is ~4000 lines. Quite
> small. Still needs some polish before it can be unleashed on the world,
> but I hope to get it released under a Berkeleyish license in the next few
> months.
How does the release request work? rename(2) back into the real queue
and postsuper -H?
> --
> Viktor.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]