On Wed, 2 Feb 2005, Matthew Newton wrote:
...
> Just for the record, the config snippet from before doesn't quite work.
> If an incoming message is _not_ being scanned, then we should leave the
> headers alone (otherwise messages from inside that go back inside again
> will have their scores wiped, as we don't spam score for internal mail).
...
Yup, been there and had the same problems. When I considered
how mail could travel through our servers I realised that just
one system filter wouldn't cut it. So the relevant bit of my
configuration says:
# System filter to modify message headers. Locally submitted mail
# gets a null filter. So does mail we've seen before. Mail from
# cherished hosts gets a minimal header-munging filter. Mail from
# non-cherished hosts gets the full monte.
system_filter = ${if or { \
                  {! def:sender_host_address} \
                  {def:acl_m2} \
                } {NULL_FILTER} \
                {${if CHERISHED {LOCAL_FILTER}{MUNGE_HEADERS}}}}
CHERISHED is a macro that tests for a trusted IP address --
basically our class B network with a few exceptions such as the
wireless LAN etc.
I "sign" messages that pass through our servers by adding an extra
header in the data acl just before the message is accepted.
This is done with:
# We're just about to accept this message. There's a chance
# (maildelivery file, sieve script, mailing list expansion etc) it
# may go off-campus. So attempt to add a cryptographic "checks
# done" header to prevent re-scanning if the body doesn't change.
# This is never going to be perfect, unless we use the entire
# message body. But it should be a reasonable check.
warn message = X-SCANNER: CRYPTOSECRET
and CRYPTOSECRET is the macro:
# Used when constructing a cryptographic checksum for a message.
CRYPTOSECRET = ${hmac{sha1}{SHASECRET}\
               {$h_message_id:,$message_body,$message_body_end,$body_linecount}}
So earlier in the data acl I say:
# Check our cryptographic header. If it matches, we think we've
# seen this message before and so can accept it without virus
# checks, spam checks etc.
accept condition = ${if and {{def:h_X-Scanner:}\
                            {eq {CRYPTOSECRET}{$h_X-Scanner:}}\
                           } {yes}{no}}
       set acl_m2 = 1
and that's where the acl_m2 in the above expansion of system_filter
comes from. I must use your neat idiom and change acl_m2 to
something like acl_SEEN_MESSAGE.
It took me a while and many beers to work all this out and set it
up. I doubt that I could do it again :-( And I'd probably have to
consume even more beers if someone pointed out an easier way to do
the same thing :-(
--
Dennis Davis, BUCS, University of Bath, Bath, BA2 7AY, UK
D.H.Davis@??? Phone: +44 1225 386101
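An added example (written for this page, not code from Dennis Davis's post or from Exim) that models the X-Scanner scheme above in Python: the HMAC-SHA1 over message-id, body head and tail, and line count, the stamping step at the end of the data ACL, and the "seen before" check earlier in it. The secret, the 500-character window standing in for $message_body and $message_body_end, the newline flattening, and lowercase header keys are assumptions of the model.

```python
import hashlib
import hmac

# Constructed values for this example. In the Exim config the secret is the
# SHASECRET macro; 500 stands in for Exim's message_body_visible default.
SHASECRET = b"example-shared-secret"
BODY_VISIBLE = 500


def hmac_input(message_id: str, body: str) -> str:
    """Model the string Exim expands inside CRYPTOSECRET:
    $h_message_id:,$message_body,$message_body_end,$body_linecount
    Newline flattening and the head/tail windows approximate how Exim
    builds $message_body and $message_body_end (an assumption here)."""
    flat = body.replace("\n", " ")
    linecount = body.count("\n")
    return f"{message_id},{flat[:BODY_VISIBLE]},{flat[-BODY_VISIBLE:]},{linecount}"


def sign(message_id: str, body: str, secret: bytes = SHASECRET) -> str:
    """${hmac{sha1}{SHASECRET}{...}}; Exim yields the digest as lowercase hex."""
    data = hmac_input(message_id, body).encode()
    return hmac.new(secret, data, hashlib.sha1).hexdigest()


def stamp(headers: dict, body: str) -> dict:
    """'warn message = X-SCANNER: CRYPTOSECRET' at the end of the data ACL.
    Header names are kept lowercase here, mirroring Exim's case-insensitivity."""
    stamped = dict(headers)
    stamped["x-scanner"] = sign(stamped.get("message-id", ""), body)
    return stamped


def seen_before(headers: dict, body: str, secret: bytes = SHASECRET) -> bool:
    """The 'accept condition = ...' check earlier in the data ACL: skip the
    virus/spam scans only if X-Scanner is present and equals the recomputed
    HMAC (constant-time compare, so the check leaks nothing about the tag)."""
    tag = headers.get("x-scanner")
    if tag is None:
        return False
    return hmac.compare_digest(tag, sign(headers.get("message-id", ""), body, secret))


if __name__ == "__main__":
    hdrs = stamp({"message-id": "<constructed@example.invalid>"}, "x" * 1200 + "\n")
    print(seen_before(hdrs, "x" * 1200 + "\n"))            # True: unchanged body
    print(seen_before(hdrs, "x" * 1200 + "\ntrailer\n"))   # False: tail and linecount differ
    # The author's caveat: only the windows and the line count are covered,
    # so an edit confined to the middle of a long body is not detected.
    print(seen_before(hdrs, "x" * 600 + "Y" + "x" * 599 + "\n"))  # True
```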