|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: FILTER_README suggestions
From: /dev/rob0 (rob0
gmx.co.uk)
Date: Fri Sep 01 2006 - 11:46:09 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Friday 01 September 2006 09:53, Wietse Venema wrote:
> Postfix's FILTER_README was written long before backscatter became
> a problem. The first example (see below signature) has a warning
> not to reject mail:
>
> Note: in this time of mail worms and spam, it is a BAD IDEA to
> send known viruses or spam back to the sender, because that
> address is likely to be forged. It is safer to discard known
> to be bad content and to quarantine suspicious content so that
> it can be inspected by a human being.
>
> Unfortunately, the text gives no example of how one would implement
> this advice. Personally, I use no external filter so I have a hard
> time coming up with field-tested examples.
Interesting. As readily-available as your address is, I would think
spam would be a major problem for you.
> What do people use:
Amavisd-new with local(8) and address tagging, with ~/.forward+spam
redirecting to a user-accessible Quarantine folder. I'm very pleased
with the results. It's smooth and simple, no arcane and difficult
procmail syntax. It's something I could put within the reach of an
ordinary user, with a simple example in "/etc/skel/.forward+spam".
I do change the amavisd-new defaults to D_PASS for all categories but
virus (and I have not yet had a virus pass through Postfix's defenses.)
> - Have the filter return a distinct exit status that says "discard"?
>
> - Have the filter insert a "badness" indicator in a message header,
> and dispose of bad mail with Postfix HOLD/DISCARD actions, maildrop
> rules, cyrus sieves, or procmail filters?
>
> - Something completely different? Maybe no-one uses the pipe+sendmail
> example and we can drop it from the documentation.
In actual practice I bet few sites are using the simple content filter
example. However, it is potentially useful as a starting point for one
who wants to roll his/her own filter.
> 24 # Specify your content filter here.
> 25 # filter <in.$$ || {
> 26 # echo Message content rejected; exit $EX_UNAVAILABLE; }
You could just expand the comments in the script to list the filter's
choices. :)
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]