freebsd 6.3
mx1# postconf mail_version
mail_version = 2.6-20080606
main.cf
content-filter = snfilter
master.cf
snfilter unix - n n - 10 pipe
flags=q user=snfilter argv=/var/spool/snfilter/sniffer
-f ${sender} ${recipient}
mx1# ll /var/spool/snfilter/sniffer
-rwxrwxrwx 1 snfilter snfilter 4013 Sep 29 20:54 /var/spool/snfilter/sniffer
sniffer contains:
#!/bin/sh
# 20040508 _M Modified for snfrv2r3 release.
# 20040102 _M Modified for snfrv2r2 release.
# Also improved file collision avoidance using DATE functions.
# 20021204 _M Modified for sniffer2 release. No other changes.
# sniffer - 20021106 _M ##############################################
#
# This script is a template for using SortMonster's Message Sniffer
# on Postfix systems. It is derived from the FILTER_README distributed
# with Postfix.
#
# This script accepts the message, writes it to a file, scans it with
# the sniffer utility, and then delivers the message if there is no
# pattern match. If a pattern match is found then there are a number
# of options included in this script.
#
# The default action is to write a header to the message indicating
# the symbol for the pattern match.
#
# In practice, the system administrator should adjust this script to
# interpret the response from sniffer and take some appropriate action.
# In that respect, this script is only a good starting point.
#
#
######################################################################
# Localize the inspection directory, sniffer installation, and
# sendmail command. It is VITAL that the sniffer utility is named with
# a .exe extension so that it can rewrite it's file name to produce it's
# log file and to read it's rule file. Both of those must be in the same
# directory along with the binary.
#SNIFFER_EXE=/var/spool/snfilter/snfrv2r3.exe
SNIFFER_EXE=/var/spool/snfilter/SNFClient
AUTHENTICATION=y940ytjq0yn3srdg
INSPECT_DIR=/var/spool/snfilter
SENDMAIL="/usr/sbin/sendmail -i"
MSGFILE=`date +%Y%m%d%H%M%S`_$_$RANDOM.msg
# Define Exit codes from <sysexits.h>
EX_OK=0
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
# Clean up when when aborting.
trap "rm -f *$MSGFILE" 1 2 3 15
# Move to our filter directory where we perform our inspections.
cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
# Copy the message to a temp file for processing.
cat > $MSGFILE || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }
# Now that we have the message as a file we can process it with
# Message Sniffer. The sniffer utility will return a nonzero value if
# it finds a pattern match.
$SNIFFER_EXE $AUTHENTICATION $MSGFILE || {
# If we're here, we know sniffer found a match. So, what do we do?
##################################################################
# #
# *ONE* OF THE FOLLOWING BLOCKS MUST BE UNCOMMENTED. THE DEFAULT #
# IS THE MESSAGE HEADER BLOCK. #
# #
##################################################################
#### Uncomment this section to reject (bounce) the message.
#
# echo Message content rejected, symbol = $?;
# rm -f *$MSGFILE;
# exit $EX_UNAVAILABLE;
#### Uncomment this section to eat the message.
#
# echo Message content destroyed, symbol = $?;
# rm -f *$MSGFILE
# exit $EX_OK;
#### Uncomment this section to hold the message for review.
#
# echo Message Content Held For Review, symbol = $?;
# exit $EX_OK;
#### Uncomment this section to add a header to the message.
echo X-SortMonster-Msg-Sniffer-Match: Symbol-$? > x_$MSGFILE;
cat x_$MSGFILE $MSGFILE > y_$MSGFILE;
$SENDMAIL "$@" < y_$MSGFILE;
rm -f *$MSGFILE;
exit $EX_OK;
# NOTE: The value returned by the sniffer program is an integer
# representing the rule/group that was matched. That value may be
# any integer from 1 through 64. The value is derived from the
# matching rule's symbol (mod 64)+1. The actual symbol will be
# accurately recorded in the log file. This is a correction from
# the demo version which uses an older code base.
}
# At this point we want to deliver the message as-is. We reinject
# the message with our sendmail command and then clean up our temp
# file(s).
$SENDMAIL "$@" < $MSGFILE
rm -f *$MSGFILE
exit $?
maillog:
Sep 29 21:06:56 mx1 pipe[6877]: fatal: pipe_command: execvp
/var/spool/snfilter/sniffer: No such file or directory
Sep 29 21:06:56 mx1 postfix/pipe[6872]: 251A55C05A: to=<[EMAIL PROTECTED]>,
relay=snfilter, delay=968, delays=968/0.04/0/0.08, dsn=4.3.0, status=deferred
(temporary failure. Command output: pipe: fatal: pipe_command: execvp
/var/spool/snfilter/sniffer: No such file or directory )
we've "-v" everything in master.cf and got no hints
suggestions?
Len
______________________________________________
IMGate OpenSource Mail Firewall www.IMGate.net
