|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: A simple working example of a simple content filter?
From: Magnus Bäck (magnus
dsek.lth.se)
Date: Thu Feb 09 2006 - 13:04:25 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thursday, February 09, 2006 at 17:37 CET,
"W. Craig Carter" <ccartermit.edu> wrote:
> > /bin/cat is the minimal starting point. Are you looking for the
> > content filter to do something specific?
>
> Thanks. This answers one of my questions and that is, what is the
> output of the filter supposed to be?
In this particular case, the first example in FILTER_README, no output
is expected. The wrapping shell script will just look at the filter
script's exit status and make Postfix bounce the message if it's non-zero.
> I want to construct my own whitelist and also create a token-based
> reply method of getting around my filter. I had imagined that the
> filter would be a fairly aggressive regexp content check for UCE
> clues.
You do know that people have invented such programs before?
> So, from the hint, I can imagine a perl script version of cat with a
> series of regexp checks (my email server doesn't handle much mail, I
> am not too worried about performance).
>
> Now, what to do with the suspected UCE?? Do I simply inject something
> into the header and then reject with header_checks? You can see I am
> confused about this! (An appropriate response would be "RTFM" I'm
> sure, but I am busier than I'd like to be.)
Your implementation depends on the antispam policy you wish to deploy
(bounce, tag and deliver, quarantine, ...), so there is no general
answer.
> The simplest version of the token would be to broadcast a fixed
> token and then have my perl script skip the regexp checks if it
> finds the token. Not great, but effective enough for me.
>
> Thanks, Craig
>
> PS: I put a couple hours of effort into getting spamassassin to work
> with postfix on macos 10.4, but finally gave up. I am hoping that a
> simple approach will be fine enough for me. Filling body_checks
> with regexps was too fraught with trouble and I couldn't see a white
> list solution using (header|body)_checks alone.
Seriously, building a decent antispam solution of your own is probably a
couple of of magnitudes more difficult than getting SpamAssassin
working. Don't go there. Really.
--
Magnus Bäck
magnusdsek.lth.se
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]