Discussion:
[SA-exim] sa-exim's Greylisting.pm doesn't check for local connections
Marc MERLIN
2006-11-09 15:26:56 UTC
Permalink
Dear Marc,
I'd like to scan messages with sa-exim that fetchmail directly
delivers to the MTA with the sendmail command. But Greylisting.pm
from sa-exim v4.2.1 doesn't check whether the message was locally
Nov 2 16:48:20 example spamd[23021]: Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Mail/SpamAssassin/Plugin/Greylisting.pm line 176.
Nov 2 16:48:20 example spamd[23021]: Use of uninitialized value in concatenation (.) or string at /usr/share/perl5/Mail/SpamAssassin/Plugin/Greylisting.pm line 177.
Of course, fetchmail could deliver the messages through the local
interface, but for several reasons I prefer to use the sendmail
command.
I've attached a small patch for Greylisting.pm. The code added by
this patch returns from greylisting() if the variable $connectip
contains the string '<locally generated>'. The header
X-SA-Exim-Connect-IP is set to this string in sa-exim.c if the message
was locally generated.
That's interesting. I guess you don't get the same from that as running your
own MTA on the net, but that's still a valid use I didn't think about.
If/when I have the next version, I'll include this patch.
In the meantime, I cced the sa-exim list so that others can benefit

Thanks,
Marc

Content-Description: Check for local connections
--- Greylisting.pm.orig 2006-10-30 10:11:17.000000000 +0100
+++ Greylisting.pm 2006-11-03 16:17:28.000000000 +0100
@@ -103,6 +103,11 @@
return 0;
}
chomp($connectip);
+ if ($connectip eq '<locally generated>')
+ {
+ Mail::SpamAssassin::Plugin::dbg("GREYLISTING: skipping greylisting for locally generated message $mesgid");
+ return 0;
+ }
# Clean up input (for security, if you use files/dirs)
$connectip =~ /([\d.:]+)/;
$connectip = ($1 or "");
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/
Andreas Vögele
2006-11-09 17:18:47 UTC
Permalink
[...]
Post by Marc MERLIN
I've attached a small patch for Greylisting.pm. The code added by
this patch returns from greylisting() if the variable $connectip
contains the string '<locally generated>'. The header
X-SA-Exim-Connect-IP is set to this string in sa-exim.c if the
message was locally generated.
That's interesting. I guess you don't get the same from that as
running your own MTA on the net, but that's still a valid use I
didn't think about.
Actually, I'm using this patch on an MTA which also accepts mail from
the net. That's one of the reasons why I decided to use the sendmail
command to deliver messages that were fetched with fetchmail. I can
now use the Exim ACL acl_not_smtp for the fetchmail messages and keep
the fetchmail settings separate from the other ACLs. Here's an
example:

acl_not_smtp = acl_check_not_smtp

acl_check_not_smtp:

# Don't scan unless the message was retrieved with fetchmail.
warn
condition = ${if eq{$sender_ident}{fetchmail}{no}{yes}}
set acl_m0 = do-not-scan

# Never reject messages that were retrieved with fetchmail.
warn
condition = ${if eq{$sender_ident}{fetchmail}{yes}{no}}
set acl_m0 = do-not-reject

accept
Post by Marc MERLIN
If/when I have the next version, I'll include this patch. In the
meantime, I cced the sa-exim list so that others can benefit
I tried to post through Gmane but that didn't work since the list is
moderated. I've just subscribed to the list but disabled delivery so
that I can still use Gmane to read the list.

Loading...