AW: [Exim] Problem with Envelope-to header

Top Pagina
Delete this message
Reply to this message
Auteur: Lumpp, Wolfgang
Datum:  
Aan: exim-users
Onderwerp: AW: [Exim] Problem with Envelope-to header
Hi,
I'm looking for the To: address.
But in case of mailing-lists in the To: header I find the address of the
mailing-list. The realy address which I could use for the command, is the
envelope-to.
Following is the script, which I use.
The problematic parts are prefixed with "PROBLEM"

In the part, where the mail goes back to exim, is the main problem.
Exim deliver the mail to the To: header, but in case of mailing-lists I
produce a mail-loop
Regards
Wolfgang


#!/bin/sh

###################################################################
# Inflex - Bidirectional Email scanner
#
# Inflex-exim 0.1.5-E 
#
# Inflex for Exim by Justin "jus" Stanford - designed for use with
# the Exim MTA (www.exim.org) version 3.xx (tested with 3.12).
# 
# E-mail any questions or suggestions to jus@??? 
# regarding inflex-exim. Please read INSTALL to correctly set up
# inflex-exim for use on your machine.
# 
# Inflex-exim was tested on a FreeBSD 3.4-STABLE mail server running
# Exim 3.12, performing both local delivery and relaying, using
# Network Associate's McAfee uvscan (/usr/ports/security/uvscan for 
# FreeBSD users). Inflex-exim should run equally as well on Linux or
# other unix type systems.
#
#
# Inflex is copyright to Mr Paul L Daniels.
#
# You are free to use and distribute Inflex as per the GPL licence
# agreement.
#
# All alterations and addtions should be sent to Paul L Daniels
# at jdaniels@???
#
# This program was created with the assistance of looking at
# AmaVis.  It's purpose is to provide a one-stop scanning
# point for all emails, both inbound and outbound, irrespective
# of the method required for the final delivery
#
# Written by Paul/Jack L Daniels
# 07/01/2000 [heheh, y2k compliant ;)]
#
#
# CHANGES -
#
#     0.1.5-E - 11/05/2000
#         .Inflex-exim, based on Inflex 0.1.5.
#         .Due to current limitations in exim, the recipient of a
#          blocked email will not be notified, only the sender.
#
#    0.1.5 - 04/04/2000
#        .Removed '7' out of the Minflex flags
#        .Provided both relaying and non-relaying version of .cf
#        .Updated FAQ with some useful hints re McAfee
#        .Inserted filename block specifically for the I LOVE YOU
virus
#        .
#    0.1.4 - 17/01/2000
#        .Fixed up reported blocked directory
#        .Replaced hard-coded sendmail cmd line with a more
#          generic one.
#        .Added Ability to turn on/off various sections of scanner
#          ie, file type, file name, antivirus
#        .Ability to turn on/off sending of various proponents of 
#          the messages to various people when a block is performed
#        .Minor typos in sender,receiver messages
#        .X-header addition
#
#    0.1.3 - 13/01/2000
#        .Made blocked emails get moved to a blocked$$ directory
#        .Added Exim mailout support
#
#    0.1.2 - 10/01/2000
#        .Changed version format, to match that of typical
#          LINUX based systems.
#        .Added support for McAfee and Sophos AntiVirus packages
#        .Cleaned up logging 
#        .changed directory naming to inflex$$ rather than av$$
#               .Made common apps such as find, file, grep become vars
#                 in the script so as to make things easier for
#                 alteration later on.
#        .Altered AntiVirus sections to report either a success
#          or failure rather than requiring later in the script
#          to decipher the dozens of possible exit codes from
#                 all of the various AV apps.
#
#########################################################################


#
# Our systemwide INFLEX Log file
#
logfile=/var/log/inflexlog

#
#
# Options to turn on/off various bits of Inflex scanning
#
# Use either y [for yes] or n [for no]
#
scanforvirus=y
scanforfiletype=y
scanforfilename=y
scanfortext=y

#
# Options for delivery of email to various people whom
# might want to hear that their email has been blocked
#

# Receiver msg's disabled by default due to current limitations in exim
# which disable this feature

deliverSenderAVmsg=y
deliverReceiverAVmsg=n
deliverSenderBLmsg=y
deliverReceiverBLmsg=n
deliverRootmsg=y

#
# Options for composition of actual outgoing email
#
# Unless you have formail running this option will not work and neither
# will inflex-exim. Only enable it if you are sure it is working and have
# specified the correct path to it above
#
appendXheader=y
Xheader="X-scanner: scanned by Virus-scanner (Mail is clean!)"


#
# Get our temporary directory name... from the process ID
# which is about as good as any random number
#
pid="inflex$$"
tmpdir=/var/tmp/${pid}
blockdir=/var/tmp/Blocked$$

#
# Our mail-specific logfiles
#
locallog=${tmpdir}/logfile
badfileslog=${tmpdir}/badfileslog
fsavlog=${tmpdir}/fsavlog
envtest=${tmpdir}/envtest
#
# Our message files
#
sendermsg=${tmpdir}/sendermsg
recvmsg=${tmpdir}/recvmsg
blockmsg=${tmpdir}/blockmsg

#
# setup our commonly used files
#
test=/usr/bin/test
mail=/usr/bin/mail
grep=/usr/bin/grep
file=/usr/bin/file
find=/usr/bin/find
touch=/usr/bin/touch
metamail=/usr/bin/metamail
formail=/usr/bin/formail


#
# Our MAIL PROGRAMS
#
exim=/usr/local/software/exim/bin/exim

#
# Our Virus Scanners
#
# Uncomment and specify the correct path for the scanner you wish to use.
# NA's McAfee uvscan is default, inflex-exim 0.1.5-E has been tested and
# verified with engine 3.x and 4.x.
#
#sophos=/usr/local/bin/sweep
mcafee=/usr/local/uvscan/uvscan
#fsav=/usr/local/fsav/fsav


#
# Setup who sent and who was supposed to receive all this
#
headto=$4
sender=$3
envelope=$2
hostname=$1

#
# Who's going to receive all the bounced reports
#
administrator=root

#
# Make the directory
#
mkdir -p ${tmpdir}
mkdir ${tmpdir}/unpacked

#
# Take standard input and create a file called RECEIVEDMAIL
#
cat > ${tmpdir}/receivedmail
cat ${tmpdir}/receivedmail | ${formail} -f -x Envelope-to: > ${envtest}
if [ -s ${envtest} ];
then
PROBLEM    receiver=${envelope}
else
    receiver=${headto}
fi


#
# Start a log file, with the basic information of who/etc
#
echo "" >> ${locallog}
echo "${pid} from:${sender} to:${receiver}" >> ${locallog}

#
# Setup the Metamil unpacking directory, else it'll unpack to /tmp
#
METAMAIL_TMPDIR=${tmpdir}/unpacked
export METAMAIL_TMPDIR

#
# Unpack the newly arrived email
#
${metamail} -r -q -x -w ${tmpdir}/receivedmail


#
# SCAN for files we don't really want people sending/receiving
#
#
# First up, get a list of all the files we have in this metamail package
#
${touch} ${badfileslog}
${find} ${tmpdir} -name '*' > ${tmpdir}/filelist1

#
# Now we run a magic-number file test on each of the files
# this way we can get around people who have tried renaming
# the files.
#
# The output from this is a full list of the files, and their
# TYPE as per the /etc/magic file
#
${file} -f ${tmpdir}/filelist1 > ${tmpdir}/fileresults



if [ "a${scanforfiletype}" != "an" ]; 
then
    #
    # Now we can search through the resultant file/type list as
    # generated from above, and we output the results to the
    # BADFILES list.
    #
    ${grep} "MS-DOS executable" ${tmpdir}/fileresults >> ${badfileslog}
    #${grep} "PC bitmap data" ${tmpdir}/fileresults >> ${badfileslog}
    ${grep} "AVI" ${tmpdir}/fileresults >> ${badfileslog}
    ${grep} "MPEG" ${tmpdir}/fileresults >> ${badfileslog}
    ${grep} "WAVE" ${tmpdir}/fileresults >> ${badfileslog}
else
    echo "Type scanning off." >> ${locallog}
    fi

    
    

if [ "a${scanforfilename}" != "an" ];
then
    #
    # Next we also scan for actual file names
    # This is VERY useful for if there is a know file that contains
    # a virus, but alas, our virus scanner can't pick it up 
    #
${find} ${tmpdir} -name 'links.vbs' >> ${badfileslog}
${find} ${tmpdir} -name '*.mp3' >> ${badfileslog}
${find} ${tmpdir} -name '*.vbs' >> ${badfileslog}
${find} ${tmpdir} -name '*.com' >> ${badfileslog}
${find} ${tmpdir} -name '*.bat' >> ${badfileslog}
${find} ${tmpdir} -name '*.exe' >> ${badfileslog}
${find} ${tmpdir} -name '*.wsh' >> ${badfileslog}
${find} ${tmpdir} -name 'LOVE-LETTER-FOR-YOU*' >> ${badfileslog}
else
    echo "Name scanning off." >> ${locallog}
    fi

    
    
#
# If any files tested positive in the above magic/name tests
# then the badfileslist will be bigger than 0-bytes
# Hence if so, set the scan status to say so!
#
if [ -s ${badfileslog} ];
then
    badfilescan=1
else
    badfilescan=0
fi





if [ "a${scanforvirus}" != "an" ];
then
#
# SCAN those files for viruses!
#
# Blocking out emails by method of file type is good for 
# controlling the abuse of resources on your network.  However
# we also should be wise enough to take this opportunity whilst
# we have a "foriegn" file in our network to SCAN it for a VIRUS!
#
# NOTE - We're using FPROT Antivirus here.... because I own
# a copy of it.  You could alter the following line to suit your
# own preferred AntiVirus scanner software, but I find FProt quite
# good, it also has a nice simple update utility which can be run
# via CRON.
#
# --archive, unpack archived files, eg zip, lha, exe-zip 
# --list,    display what we are scanning
# --dumb,    don't stop and ask questions, as the server cant answer
# --auto,    decide how to handle a virused file 
#
# FPROT Exit codes ---
#  0 - all clear
#  1 - fsav failed for some reason, perhaps a broken .def file
#  3 - virus was found.
#
if [ "a${fsav}" != "a" ]
then

    
    #
    # FPROT
    #
    ${fsav} --archive --list --dumb --auto ${tmpdir}/unpacked/* >
${fsavlog} 2>&1
    fsavresult=$?
    if ${test} ${fsavresult} -eq 3
    then
        detectedvirus=1
    else
        detectedvirus=0
    fi
fi


    #
    # SOPHOS
    #


if [ "a${sophos}" != "a" ]
then
     ${sophos} -nb -f -all -rec -ss -sc ${tmpdir}/unpacked > ${fsavlog}
2>&1
    fsavresult=$?
    if ${test} ${fsavresult} -ne 0
    then
        detectedvirus=1
    else
        detectedvirus=0
    fi
fi



    #
    # McAfee / NAI - UVScan
    #
if [ "a${mcafee}" != "a" ]
then
     ${mcafee} --secure -rv --summary ${tmpdir}/unpacked > ${fsavlog}
2>&1
    fsavresult=$?
    if ${test} ${fsavresult} -eq 13
    then
        detectedvirus=1
    else
        detectedvirus=0
        fi
    fi


else
    echo "Virus scanning off." >> ${fsavlog}
    detectedvirus=0    
    fi

    
#
#
# Now process the results of our above scans and tests.
# Now process the results of our above scans and tests.
#
#
# return to our start path (good manners)
#
cd ${tmpdir}



if [ "a${deliverRootmsg}" != "an" ];
then
    #
    # Test to see if we came up with a bad email due
    # to a BAD FILE [as apposed to a virused file]
    #
    if ${test} ${badfilescan} -eq 1 -o ${detectedvirus} -eq 1
    then


        #
        # Create and send an email to INFLEX's operator
        #
        echo "Inflex Sent notification to ${sender} and ${receiver}"

> ${blockmsg}

          echo "The attached mail has been BLOCKED" >> ${blockmsg}
          echo "The mail has been stored as ${blockdir}" >>
${blockmsg}
          echo "" >> ${blockmsg}
          echo "AntiVirus Results..." >> ${blockmsg}
          cat ${tmpdir}/fsavlog >> ${blockmsg}
          echo "" >> ${blockmsg}
          echo "Badfiles Scan Results" >> ${blockmsg}
          cat ${badfileslog} >> ${blockmsg}
          echo "" >> ${blockmsg}
          cat ${locallog} >> ${blockmsg}
          echo "" >> ${blockmsg}
          echo "END OF MESSAGE." >> ${blockmsg}

        
        ${mail} -s "BLOCKED DELIVERY" ${administrator} < ${blockmsg}
        fi


    fi




#
# Now, because we're blocking both viruses and bad files, we
# should let the users know -which- one it was, else we'll
# have a flurry of users panicing that their email contains
# viruses, when in fact they probably just sent a BMP file
#

    #
    # Responses for VIRUSES
    #
if ${test} ${detectedvirus} -eq 1
then
echo "Mail blocked due to VIRUS" >> ${locallog}



    if [ "a${deliverSenderAVmsg}" != "an" ];
    then
    #
    # Message to the sender
    #
echo "                 BLOCKED DELIVERY OF YOUR EMAIL TO ${receiver}" >
${sendermsg}
echo "" >> ${sendermsg}
echo "Our email scanner has detected a VIRUS in your email" >> ${sendermsg}
echo "Your email has been stopped." >> ${sendermsg} # The intended recipient
will receive a notification of this message." >> ${sendermsg}
echo "" >> ${sendermsg}
echo "The virus scanner revealed..." >> ${sendermsg}
cat ${fsavlog} >> ${sendermsg}
echo "" >> ${sendermsg}
echo "End." >> ${sendermsg}
${mail} -s "BLOCKED DELIVERY OF EMAIL TO ${receiver}" ${sender} <
${sendermsg}
    fi

    
    
    if [ "a${deliverReceiverAVmsg}" != "an" ];
    then
    #
    # Message to the intended receiver
    #
echo "                 BLOCKED DELIVERY OF EMAIL FROM ${sender}" >
${recvmsg}
echo "" >> ${recvmsg}
echo "Our email scanner has detected a VIRUS in an email destined for you."

>> ${recvmsg}

echo "This email has been stopped. The sender will receive a notification
of this message." >> ${recvmsg}
echo "" >> ${recvmsg}
echo "The virus scanner revealed..." >> ${recvmsg}
cat ${fsavlog} >> ${recvmsg}
echo "" >> ${recvmsg}
echo "End." >> ${recvmsg}

${mail} -s "BLOCKED DELIVERY OF EMAIL FROM ${sender}" ${receiver} <
${recvmsg}
    fi
fi


    
    


if ${test} ${badfilescan} -eq 1
then
echo "Mail blocked due to BAD FILE" >> ${locallog}


    if [ "a${deliverSenderBLmsg}" != "an" ];
    then
    #
    # Message to the sender
    #
echo "                 BLOCKED DELIVERY OF YOUR EMAIL TO ${receiver}" >
${sendermsg}
echo "" >> ${sendermsg}
echo "Our email scanner has detected a file TYPE which we are not" >>
${sendermsg}
echo "permitting through our systems. These namely include movies,
executables and large pictures." >> ${sendermsg}
echo "Your email has been stopped." >> ${sendermsg} # The intended recipient
will receive a notification of this message." >> ${sendermsg}
echo "" >> ${sendermsg}
echo "The files that were blocked are..." >> ${sendermsg}
cat ${badfileslog} >> ${sendermsg}
echo "" >> ${sendermsg}
echo "End." >> ${sendermsg}


${mail} -s "BLOCKED DELIVERY OF EMAIL TO ${receiver}" ${sender} <
${sendermsg}
    fi

    
    
    if [ "a${deliverReceiverBLmsg}" != "an" ];
    then
    #
    # Message to the intended receiver
    #
echo "                 BLOCKED DELIVERY OF EMAIL FROM ${sender}" >
${recvmsg}
echo "" >> ${recvmsg}
echo "Our email scanner has detected a file TYPE which we are not" >>
${recvmsg}
echo "permitting through our systems. " >>${recvmsg}
echo "" >>${recvmsg}
echo "These namely include movies, executables and large pictures." >>
${recvmsg}
echo "Your email has been stopped.  The intended sender will receive a
notification of this message." >> ${recvmsg}
echo "" >> ${recvmsg}
echo "The files that were blocked are..." >> ${recvmsg}
cat ${badfileslog} >> ${recvmsg}
echo "" >> ${recvmsg}
echo "End." >> ${recvmsg}
${mail} -s "BLOCKED DELIVERY OF EMAIL FROM ${sender}" ${receiver} <
${recvmsg}
    fi

    
fi




#
# If nothing really happened and all went well through this whole scanning
process
# We can then proceed to send off the email as per normal.
#

#
# Store our scanning results...
#
echo "Non-PassableFile status is: ${badfilescan}" >> ${locallog}
echo "AntiVirus status is: ${detectedvirus}" >> ${locallog}
echo "Bad files details..." >> ${locallog}
cat ${badfileslog} >> ${locallog}
echo "" >> ${locallog}
echo "AntiVirus details..." >> ${locallog}
cat ${fsavlog} >> ${locallog}
echo "" >> ${locallog}
echo "completed scanning process for ${pid}" >> ${locallog}
echo "Non-PassableFile status is: ${badfilescan}" >> ${locallog}
echo "AntiVirus status is: ${detectedvirus}" >> ${locallog}

#
# Now that our process is complete, we write the entire local log to the
# main log file
#
cat ${locallog} >> ${logfile}

#
# Some basic house keeping... if the file was all okay, we remove it
# else we leave it there for the administrator to "check out"
#
if ${test} \
    ${badfilescan} -eq 0 \
    -a ${detectedvirus} -eq 0
then
#
# Now that all is well and we're happy with the way things are
# we can send off the email to its required destination.
#


    #
    # does the user want a custom X-header.
    #
    if [ "a${appendXheader}" != "an" ];
    then
PROBLEM:        cat ${tmpdir}/receivedmail | ${formail} -f -I "To:
${receiver}" -A "${Xheader}" > ${tmpdir}/recm
        mv ${tmpdir}/recm ${tmpdir}/receivedmail
        fi


    echo ${sender}
    echo ${receiver}    

    
    # Exim makes the final delivery here
    # The mail that has just been scanned is resubmitted to exim for
    # delivery, with the received_protocol marked as "scanned_ok".


PROBLEM    cat ${tmpdir}/receivedmail | ${exim} -t -oMr scanned_ok 



#    rm -rf ${tmpdir}
else
#
# ELSE move everything to a "blocked" directory for later perusal
#
    mv ${tmpdir} ${blockdir}
fi




# END.
> On Wed, 24 May 2000, Lumpp, Wolfgang wrote:
>
> > Hi all,
> > in a transport I try:
> > command = /usr/sbin/inflex-exim $h_envelope-to: $sender_address
> > $received_for
> > but I didn't get a value for the Envelope-to: header.
>
> Unless you add it, there is no Envelope-To: header. The envelope of a
> message is normally transmitted 'out-of-band'. $envelope_sender might
> be what you are looking for, if I recall the variable name correctly..
>
> > Could anyone give me an idea.
> > virus_scan:
> >     driver = pipe
> >     command = /usr/sbin/inflex-exim $sender_host_name 
> $h_envelope-to:
> > $sender_address $sender_address
> >     envelope_to_add # I've tried it also without
> >     user = root
> >     group = root
> >     path = "/bin:/sbin:/usr/bin:/usr/sbin
> > Regards
> > Wolfgang

> >
> > --
> > ## List details at
> http://www.exim.org/mailman/listinfo/exim-users > Exim details
> at http://www.exim.org/ ##
> >
>
> --
>
>
>
> --
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users > Exim details
> at http://www.exim.org/ ##
>