On 10/10/12 19:33, Phil Pennock wrote:
> On 2012-10-10 at 09:38 +0000, Ian Eiloart wrote:
>
> The value is then processed to replace newlines with space characters.
>
> Molly: for the testing, if you can identify the source of the test mails
> in an ACL rule, then you might try:
>
> warn condition = ... whatever identifies the test mails ...
> control = debug/tag=.testfilter/opts=+filter
>
> That will turn on debugging, to a file called debuglog.testfilter (in
> the normal logs directory), for messages which match the supplied
> condition. It turns on category logging of "filter", just like
> "-d+filter" would.
>
> There should be some lines in the debug log starting "Filter:", followed
> by some lines with the mail parameters.
>
Don't seem to be any lines starting "Filter:" when I do this yet it's
definitely hitting the filter as the input message is getting saved to
the filename I specified in the save clause I added previously to the
filter trying to debug it:
warn: condition test succeeded
processing "accept"
check hosts = +relay_from_hosts
host in "127.0.0.1 : 10.82.0.0/16 : 10.98.237.0/24 : 82.219.14.82 :
82.219.14.194 : 82.219.14.205 : 82.219.14.206 : 82.219.14.212 :
81.138.245.218"? yes (matched "10.82.0.0/16")
host in "+relay_from_hosts"? yes (matched "+relay_from_hosts")
check control = submission
accept: condition test succeeded
SMTP>> 250 Accepted
tls_do_write(7fbfa27278d0, 14)
gnutls_record_send(SSL, 7fbfa27278d0, 14)
outbytes=14
Calling gnutls_record_recv(7fbfa274afc0, 7fbfa274d300, 4096)
SMTP<< DATA
SMTP>> 354 Enter message, ending with "." on a line by itself
tls_do_write(7fbfa27278d0, 56)
gnutls_record_send(SSL, 7fbfa27278d0, 56)
outbytes=56
search_tidyup called
Calling gnutls_record_recv(7fbfa274afc0, 7fbfa274d300, 4096)
PDKIM >> Hashed body data, canonicalized >>>>>>>>>>>>>>>>>>>>>>>>>>>>>
host in ignore_fromline_hosts? no (option unset)
>>Headers received:
Received: from [10.82.128.63] (10.82.128.63) by exmail.redembedded.com
(10.82.128.38) with Microsoft SMTP Server (TLS) id 14.1.289.1; Thu, 11 Oct
2012 13:45:03 +0100
Message-ID: <5076BF55.8080600@???>
Date: Thu, 11 Oct 2012 13:45:09 +0100
From: Molly Fletcher <molly.fletcher@???>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120912
Thunderbird/15.0.1
MIME-Version: 1.0
To: <fakeuser@???>
Subject: Filter test please ignore
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Return-Path: molly.fletcher@???
address match: subject=fakeuser@??? pattern=root@???
fakeuser@??? in "root@???"? no (end of list)
address match: subject=fakeuser@???
pattern=root@???
fakeuser@??? in "root@???"? no (end of list)
address match: subject=fakeuser@??? pattern=*@*.redembedded.co.uk
bigcorp.com in "*.redembedded.co.uk"? no (end of list)
fakeuser@??? in "*@*.redembedded.co.uk"? no (end of list)
address match: subject=molly.fletcher@???
pattern=root@???
molly.fletcher@??? in "root@???"? no (end of list)
address match: subject=molly.fletcher@???
pattern=root@???
molly.fletcher@??? in "root@???"? no (end
of list)
address match: subject=molly.fletcher@???
pattern=*@*.redembedded.co.uk
redembedded.com in "*.redembedded.co.uk"? no (end of list)
molly.fletcher@??? in "*@*.redembedded.co.uk"? no (end of list)
rewritten sender = molly.fletcher@???
rewrite_one_header: type=F:
From: Molly Fletcher <molly.fletcher@???>
address match: subject=molly.fletcher@???
pattern=root@???
molly.fletcher@??? in "root@???"? no (end of list)
address match: subject=molly.fletcher@???
pattern=root@???
molly.fletcher@??? in "root@???"? no (end
of list)
address match: subject=molly.fletcher@???
pattern=*@*.redembedded.co.uk
redembedded.com in "*.redembedded.co.uk"? no (end of list)
molly.fletcher@??? in "*@*.redembedded.co.uk"? no (end of list)
rewrite_one_header: type=T:
To: <fakeuser@???>
address match: subject=fakeuser@??? pattern=root@???
fakeuser@??? in "root@???"? no (end of list)
address match: subject=fakeuser@???
pattern=root@???
fakeuser@??? in "root@???"? no (end of list)
address match: subject=fakeuser@??? pattern=*@*.redembedded.co.uk
bigcorp.com in "*.redembedded.co.uk"? no (end of list)
fakeuser@??? in "*@*.redembedded.co.uk"? no (end of list)
search_tidyup called
>>Headers after rewriting and local additions:
P Received: from [10.82.128.63] (10.82.128.63) by exmail.redembedded.com
(10.82.128.38) with Microsoft SMTP Server (TLS) id 14.1.289.1; Thu, 11 Oct
2012 13:45:03 +0100
I Message-ID: <5076BF55.8080600@???>
Date: Thu, 11 Oct 2012 13:45:09 +0100
F From: Molly Fletcher <molly.fletcher@???>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120912
Thunderbird/15.0.1
MIME-Version: 1.0
T To: <fakeuser@???>
Subject: Filter test please ignore
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
* Return-Path: molly.fletcher@???
Data file written for message 1TMI8P-0007No-34
>>Generated Received: header line
P Received: from exmail.redembedded.com ([10.82.128.38]:53113)
by mail1.redembedded.com with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
(Exim 4.76)
(envelope-from <molly.fletcher@???>)
id 1TMI8P-0007No-34
for fakeuser@???; Thu, 11 Oct 2012 13:45:05 +0100
PDKIM <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
using ACL "acl_check_data"
processing "warn"
check malware = *
Malware scan: issuing clamd local-path scan [/var/run/clamav/clamd.ctl]
waiting for data on socket
Malware response:
/var/spool/exim4/scan/1TMI8P-0007No-34/1TMI8P-0007No-34.eml: OK
Malware not found
warn: condition test failed
processing "warn"
check spam = nobody
trying server 127.0.0.1, port 783
waiting for data on socket
waiting for data on socket
waiting for data on socket
warn: condition test failed
processing "accept"
accept: condition test succeeded
unspool_mbox(): unlinking
'/var/spool/exim4/scan/1TMI8P-0007No-34/1TMI8P-0007No-34.eml'
calling local_scan(); timeout=300
local_scan() returned 0 NULL
Writing spool header file
Size of headers = 828
LOG: MAIN
<= molly.fletcher@??? H=exmail.redembedded.com
[10.82.128.38]:53113 I=[10.82.1.26]:25 P=esmtps
X=TLS1.0:RSA_AES_128_CBC_SHA1:16 CV=no S=1490
id=5076BF55.8080600@??? T="Filter test please ignore"
SMTP>> 250 OK id=1TMI8P-0007No-34
tls_do_write(7fbfa27278d0, 28)
gnutls_record_send(SSL, 7fbfa27278d0, 28)
outbytes=28
search_tidyup called
Sender: molly.fletcher@???
Recipients:
fakeuser@???
forked delivery process 28386
Process 28384 is ready for new message
smtp_setup_msg entered
Calling gnutls_record_recv(7fbfa274afc0, 7fbfa274d300, 4096)
exec /usr/sbin/exim4 -d=0xfbb95efd -Mc 1TMI8P-0007No-34
SMTP<< QUIT
SMTP>> 221 mail1.redembedded.com closing connection
tls_do_write(7fbfa27278d0, 46)
gnutls_record_send(SSL, 7fbfa27278d0, 46)
outbytes=46
tls_close(): shutting down TLS
LOG: smtp_connection MAIN
SMTP connection from exmail.redembedded.com [10.82.128.38]:53113
I=[10.82.1.26]:25 closed by QUIT
search_tidyup called
--
Molly Fletcher, IT System Administrator <molly.fletcher@???>
Red Embedded Design www.redembedded.com
Tel: +44 (0)1274 287724
This E-mail and any attachments hereto are strictly confidential and intended solely for the addressee. If you are not the intended addressee please notify the sender by return and delete the message.
You must not disclose, forward or copy this E-mail or attachments to any third party without the prior consent of the sender.
Red Embedded Design Registered in England, Company Number: 06688253
Registered Office: The Waterfront, Salts Mill Road, Saltaire, West Yorkshire, BD17 7EZ
