New version of bogofilter-milter.pl

Tom Anderson tanderso at oac-design.com
Thu Aug 9 04:42:59 CEST 2007 

Sure.  Here's a new one which includes the ability to whitelist popip.db 
senders as well.  This way you don't have to filter email you send to 
yourself, and may be particularly useful for whitelisting emails to you 
from your users.

Tom

Jonathan Kamens wrote:
> Ugh.  An ed-style diff does me no good.  Please send a context diff 
> (diff -c) or unified diff (diff -u).
> 
> Thanks,
> 
>  jik
> 
> On 08/02/2007 03:46 AM, Tom Anderson wrote:
>> I have a new patch for you for whitelisting particular mail servers,
>> such as localhost.  This lets you avoid classifying and rejecting stuff
>> from postmaster, et al, and allowing forwards from another server
>> without having to finagle in the magic string somehow.
>>
>> Tom
>>
>>
>> Jonathan Kamens wrote:
>>> Comments in-line.
>>>
>>> On 07/30/2007 07:15 PM, Tom Anderson wrote:
>>>> Comments in-line...
>>>>
>>>> Jonathan Kamens wrote:
>>>>  
>>>>> The change from 'mail' to 'LOG_MAIL' in the openlog call is wrong, 
>>>>> according to the Sys::Syslog documentation on my machine.  The 
>>>>> documentation says that you can use either a facility string, e.g., 
>>>>> 'mail', or a facility macro /without/ quotes, e.g., LOG_MAIL.  It 
>>>>> doesn't say that you're allowed to use 'LOG_MAIL' in quotes.  While 
>>>>> it's interesting that that works for you :-), since it's 
>>>>> contraindicated by the documentation and specifying 'mail' works 
>>>>> just fine for me, I don't think I can accept that patch.  Could you 
>>>>> dig a little deeper and see if you can figure out what's going on 
>>>>> at your end?  What version of Perl are you using (what does "perl 
>>>>> -v" return)?  What version of Sys::Syslog are you using (what does 
>>>>> "perl -e 'use Sys::Syslog; print $Sys::Syslog::Version;'" return)?
>>>>>     
>>>>
>>>> Seems to me like using "LOG_MAIL" is correct given the docs:
>>>> ...
>>>>   
>>> This looks like a difference between the version of Sys::Syslog 
>>> you're using and the one I'm using.  I'm using 0.18, but an earlier 
>>> version, 0.13, is shipped with Perl.  It looks to me like they got 
>>> more "liberal" about log facilities in most recent version.  Since it 
>>> appears that the 'LOG_MAIL' you suggested is compatible with both 
>>> 0.13 and 0.18, I've modified the script as you suggested to use that 
>>> string, even though it's not the syntax recommended by the 
>>> Sys::Syslog man page for version 0.18.
>>>
>>>> Sure, you can use my name/email.  Please make the email 
>>>> neo+bogofilter-milter at orderamidchaos.com.  Here are some comments 
>>>> you can append to the top (just an altered version of your comments):
>>>>   
>>> Thanks, I've put an updated version of your gentoo script as well as 
>>> an updated version of bogofilter-milter.pl up on my home page 
>>> (http://stuff.mit.edu/~jik/).
>>>
>>>> BTW, here's another issue I was having that you may or may not know 
>>>> something about.  When I put the bogofilter-milter below clamav in 
>>>> my sendmail.mc, everything works fine, but when I put clamav under 
>>>> it, it says the socket is unsafe.  Any ideas?
>>>>
>>>> Jul 30 19:10:50 [sm-mta] l6UNATfp026297: Milter (bogofilter-milter): 
>>>> local socket name /var/run/bogofilter-milter.sock unsafe
>>>> Jul 30 19:10:50 [sm-mta] l6UNATfp026297: Milter (bogofilter-milter): 
>>>> to error state
>>>>   
>>> Is it possible that the clamav milter is changing the permissions on 
>>> bogofilter-milter.sock?  Other than that, I have no guesses, sorry.  
>>> Perhaps ask about it in comp.mail.sendmail?
>>>
>>>   jik
>>
> 
> 
-------------- next part --------------
--- /usr/sbin/bogofilter-milter-1.33.pl 2007-08-01 19:56:32.000000000 -0400
+++ /usr/sbin/bogofilter-milter-1.33-new.pl     2007-08-08 22:30:22.000000000 -0400
@@ -24,8 +24,9 @@

 # You will need the following non-standard Perl modules installed to
 # use this script: Sendmail::Milter, Mail::Alias, Proc::Daemon,
-# IO::Stringy.  Before using this script, search for CONFIGURABLE
-# SETTINGS and configure them appropriately for your site.
+# IO::Stringy, Socket, Net::CIDR, DB_File, POSIX.  Before using this
+# script, search for CONFIGURABLE SETTINGS and configure them
+# appropriately for your site.
 #
 # Inserts "X-Bogosity: Spam, tests=bogofilter" into messages that
 # appear to be spam (or "Ham" into ones that don't).  If the message is
@@ -78,6 +79,14 @@
     "If it isn't, resend it with $magic_string " .
     "in the Subject line.";

+# Whitelist any IP addresses or ranges from this filter
+our @whitelist = ("127.0.0.1");
+
+# If you want to whitelist any addresses which have authenticated
+# via poprelayd (i.e. remote workstations of users on your server)
+# set $dbfile to your popip.db location, else set it to undef
+our $dbfile = "/etc/mail/popip.db";
+
 # The largest message to keep in memory rather than writing to a
 # temporary file.
 my $MAX_INCORE_MSG_LENGTH = 1000000;
@@ -197,6 +206,10 @@
 use IO::Scalar;
 use IPC::Open2;
 use Data::Dumper;
+use Socket;
+use Net::CIDR;
+use DB_File;
+use POSIX;

 $Data::Dumper::Indent = 0;

@@ -210,6 +223,7 @@

 my %my_milter_callbacks =
 (
+ 'connect' => \&my_connect_callback,
  'envrcpt' => \&my_rcpt_callback,
  'header'  => \&my_header_callback,
  'eoh'     => \&my_eoh_callback,
@@ -233,6 +247,26 @@
 my $magic_string_re = $magic_string;
 $magic_string_re =~ s/(\W)/\\$1/g;

+# convert whitelist into CIDR notation
+our @cidr_list = ();
+foreach my $IP (@whitelist) {
+  if (not eval {@cidr_list = Net::CIDR::cidradd ($IP, @cidr_list)}) {
+    &die("Error processing whitelist: \"$IP\" is not a valid IP address or range.");
+  }
+}
+
+# add popip database to whitelist
+our %db;
+if ($dbfile) {
+  &opendb_read;
+  foreach my $IP (keys(%db)) {
+    if (not eval {@cidr_list = Net::CIDR::cidradd ($IP, @cidr_list)}) {
+      &die("Error processing $dbfile: \"$IP\" is not a valid IP address.");
+    }
+  }
+  &closedb;
+}
+
 setlogsock('unix');
 openlog($whoami, 'pid', $log_facility);
 if (! $debug) {
@@ -262,6 +296,31 @@

 Sendmail::Milter::main($milter_interpreters);

+sub my_connect_callback {
+    my $ctx = shift; # milter context object
+    my $hostname = shift;       # The connection's host name.
+    my $sockaddr_in = shift;    # AF_INET portion of the host address, from getpeername(2) syscall
+    my ($port,$ipaddr) = Socket::unpack_sockaddr_in($sockaddr_in) or &die("Could not unpack socket address: $!");
+    $ipaddr = Socket::inet_ntoa($ipaddr); # translates it into a standard IPv4 address
+
+    &debuglog("my_connect_callback: entering with hostname=$hostname, ipaddr=$ipaddr, port=$port");
+
+    # check if the connecting server is listed in the whitelist
+    if (scalar @cidr_list)
+    {
+        if (eval {Net::CIDR::cidrlookup($ipaddr, @cidr_list)}) {
+          syslog('info', '%s', "$ipaddr is whitelisted, so this email is being accepted unfiltered.");
+          $ctx -> setpriv(undef);
+          return SMFIS_ACCEPT;
+        }
+        else { &debuglog("$ipaddr is not in the whitelist"); }
+    }
+
+    $ctx->setpriv(undef);
+    &debuglog("my_connect_callback: return CONTINUE with undef");
+    return SMFIS_CONTINUE;
+}
+
 sub my_rcpt_callback {
     my $ctx = shift;
     my $hash = $ctx->getpriv();
@@ -737,6 +796,14 @@
     }
 }

+sub opendb_read {
+    tie(%db, "DB_File", $dbfile, O_RDONLY, 0, $DB_HASH) or &die("Can't open $dbfile: $!");
+}
+
+sub closedb {
+    untie %db;
+}
+
 sub die {
     my(@msg) = @_;

More information about the bogofilter mailing list