From: "Gene Heskett" <[EMAIL PROTECTED]>
On Thursday 09 February 2006 03:47, jdow wrote:
From: "Gene Heskett" <[EMAIL PROTECTED]>
Procmail calls SpamAssasin and feeds the return off to the spool
file.
Ok, sub getmail for both fetchmail and procmail, since getmail can
handle the SA pipeing you are doing with procmail. Then run dovecot
on that box to serve kmail on this box? I have the kmail fetching
turned off on that box, so I'd assume I can give getmail a trial run
and see if what it fetches it shows up in kmail on that firewall box
as a new mail, if that works, then setup dovecot as a pop3 server to
serve the kmail requests from this box. Have I got it right? All
running as the user gene I'd assume?
Only if getmail combines fetchmail and procmail including procmail's
ability to write rules for redirecting mail or applying filtering to
it.
Kmail would simply read from the imap port you create. It's still
write to your ISP's mail server.
First, getmail is out as far as putting it on the FW box, the python
install there is several releases too old.
Further reading on fetchmail tells me that it hands the incoming mail
off to sendmail via stuffing it into port 110. Datapoint as I try to
get my head around the mechanics of this.
<<jdow>>==================================================================
Read further. The interesting line is:
defaults mda "/usr/bin/procmail -d jdow"
That sends it to procmail and procmail sends it to /var/spool/mail/<me>.
<</jdow>>=================================================================
It is sendmail then that listens on port 110 and writes to
the /var/spool/mail/username file. Datapoint again.
So there is a potential place to put a |spamc| is there not?, between
fetchmail and port 110? A hack to fetchmail maybe? Datapoint.
<<jdow>>==================================================================
You use procmail for doing this.
<</jdow>>=================================================================
Experimental results.. I grabbed a copy of /var/spool/mail/gene to
another file while it had some content, then did a 'cat filename|spamc
filename2'
<<jdow>>==================================================================
Award issued for today's "egregious use of cat award". {^_-}
<</jdow>>=================================================================
This did properly scan & add the headers that it had done so to the
first of the 3 messages that were merged into filename, but did not
re-trigger itself on the next 2 messages also in that file, therefore
they were not scanned and marked up by spamc.
<<jdow>>==================================================================
Gene, I have sent you working instructions for this setup. Have you lost
them already? It was only a month ago. {o.o}
<</jdow>>=================================================================
So it appears that wherever spamc is inserted into the path, it must be
presented with a single message complete with an EOF indicator of come
kind. Looking at the src file, it doesn't appear there is a quick,
dirty, and 100% dependable way to filter the output of the cat command
and break it up into one stream per message. But I haven't ran a
tcpdump to see how its formatted on the network traffic yet. The only
thing I can see is linefeed,linefeed,From and since theres no way to
stop me from doing it in a message I send, it doesn't look that
reliable to me.
From
Is that treated as a new message? I think not. I'm going to go look at
the fetchmail code, maybe I can make a patch for it to do this.
{^_^}
1) Procmail is what calls spamassassin. This is not the whole thing. But...
===8<---
#############################################################################
# Necessary generic definitions
#############################################################################
DROPPRIVS=yes
#VERBOSE=yes
LOGNAME=procmail
## rawmbox is no longer needed at this time.
#:0c: clone.lock
##* ^List-Id: .*(spamassassin\.apache.\org)
#$HOME/mail/rawmbox
#===--- Remove one level of "#" to save a clone of the raw mail.
#############################################################################
# Then we install some deaths and diversions
#############################################################################
# Example - this mailer daemon got out of hand long ago.
:0:
* ^From: [EMAIL PROTECTED]
/dev/null
# This one STILL is out of sane control.
:0:
* ^From: AntiSpam UOL <[EMAIL PROTECTED]>
#/dev/null
/$HOME/mail/uol_crap
#############################################################################
# Then we install some potential forged markups
#############################################################################
:0
* ^X-Spam-Status:
{
:0 fw
| formail -R "X-Spam-Status:" "X-False-Spam-Status:"
:0 fw
| formail -A "X-Nasty: Aren't we?"
}
:0
* ^X-Spam-Level
{
:0 fw
| formail -R "X-Spam-Level" "X-False-Spam-Level"
}
:0
* ^X-Spam-Checker-Version:
{
:0 fw
| formail -R "X-Spam-Checker-Version:" "X-False-Spam-Checker-Version:"
}
# FreeBSD mailing list fix
:0 fw
* ^X-Original-To:[EMAIL PROTECTED]
| formail -i "Reply-to: freebsd-questions@freebsd.org"
:0 Efw
{
:0 fw
* ^To:[EMAIL PROTECTED]
| formail -i "Reply-to: freebsd-questions@freebsd.org"
:0 Efw
{
:0 fw
* ^Cc:[EMAIL PROTECTED]
| formail -i "Reply-to: freebsd-questions@freebsd.org"
:0 Efw
* ^X-BeenThere:[EMAIL PROTECTED]
| formail -i "Reply-to: freebsd-questions@freebsd.org"
}
}
# /FreeBSD
# Ditto spamassassin list
##############################################################################
# Rewrite Reply-To: for SpamAssassin user list
##############################################################################
:0 fw
* ^List-Id: .*([EMAIL PROTECTED]|users\.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin user list" -i "Reply-to:
users@spamassassin.apache.org"
##############################################################################
# Rewrite Reply-To: for SpamAssassin dev list
##############################################################################
:0 fw
* ^List-Id: .*([EMAIL PROTECTED]|dev.spamassassin\.apache\.org)
| formail -A "$PROCMAILMATCH SpamAssassin Dev list" -i "Reply-to:
dev@spamassassin.apache.org"
# Feed everything under 500k and not from the sa list to spamc
:0
* < 500000
* !^List-Id: .*(spamassassin\.apache.\org)
{
:0 fw: spamassassin.lock
| /usr/bin/spamc -t 150 -u jdow
}
# Sometimes SA bails. I have some rawbody and full "per user" rules.
:0 fw
* !^X-Spam-Checker-Version:
* < 500000
* !^List-Id: .*(spamassassin\.apache.\org)
{
:0 fw
| nice -n 1 /usr/bin/spamassassin
:0 fw
| Formail -A "X-JdowMissed: SpamAssassin checks bombed first time."
# Some debugging.
# :0 fw
# | sed -e 's/Subject:/Subject: [ZZ Missed]/'
# :0c: clone1.lock
# $HOME/mail/sa_failed
}
# This gives you a raw clone of the processed mail.
#:0c: clone.lock
##* ^List-Id: .*(spamassassin\.apache.\org)
#$HOME/mail/jdow_processed
################## end .procmailrc - what's left falls through ###############
===8<---
Seriously, you only need a few lines of this. I put in some other tools you
can use for learning and experimentation.
.fetchmailrc looks like this:
===8<--- This is for an users mail account here. Obvious obfuscations exist.
defaults mda "/usr/bin/procmail -d XXX"
set syslog
set postmaster ""
set no bouncemail
set no spambounce
set properties ""
#set daemon 60
#set logfile fetchmail_el.log
poll smtp.earthlink.net with proto POP3
user 'jdow' there with password 'YERKIDDING'
is '[EMAIL PROTECTED]' here options pass8bits
smtpaddress ' '
poll smtp.earthlink.net with proto POP3
user 'snarzblart' there with password 'SNARZBLART'
is '[EMAIL PROTECTED] here options pass8bits
smtpaddress ' '
poll smtp.earthlink.net with proto POP3
user 'spizeltwits' there with password 'SPIZELTWITS'
is '[EMAIL PROTECTED]' here options pass8bits
smtpaddress ' '
poll smtp.earthlink.net with proto POP3
user 'zummelfumpets' there with password 'ZUMMELFUMPETS'
is '[EMAIL PROTECTED]' here options pass8bits
smtpaddress ' '
===8<---
I start fetchmail with this line if I want it daemonized. For testing I change
the options accordingly.
/usr/bin/fetchmail -d 90 --fetchmailrc /home/XXX/.fetchmailrc
Note that I do not have an /etc/fetchmailrc. Note that the mail does not go
through sendmail. Sendmail is running on this system simply so that root gets
the logwatch reports.
{^_^}
