gmane.mail.mimedefang

How to change envelope sender?

Benoit Panizzon — 2013-05-02T09:27:44

Yo

Goal: Minimize Backscatter.

Problem: Customers do forward their email address to some other addresses 
which are have full quota or just any other problems.

Solution:
Do this whole Aliasing and Forward-Address handling with MIMEDefang. As the 
local email address doing the forward is know to be good (or not, but then we 
don't accept the email so won't create any backscatter) we know we can drop 
further errors happening while forwarding there.

In filter_recipient we check if the recipient is being forwarded to some other 
Destination. We can md_check_against_smtp_server to see if the recipient 
exists. But we don't know yet if the quota is full or similar. We only know 
this wen we queued and sent the actual email, but then we need to generate a 
bounce if this fails.
So let's change the sender to the address of the address of the local 
recipient who wants to have his emails forwarded somewhere else. So he get's 
the blame/bounce if his forward does not work.

Now I miss some kind of command to do that within MIMEDefang. $sender is read 
only I assume.

The complicated way would be to re-send / discard the email. Is there another 
solution?
This could also be used to implement propper SRS (which we actualy don't need 
anymore if we use the forwarder's address as sender).

Benoit Panizzon

Constructing MIME::Entity via new

Philip Prindeville — 2013-04-30T17:39:57

I'm not quite getting something in the MIME::Entity documentation.  It says:

PUBLIC INTERFACE
   Construction
       new [SOURCE]
           Class method.  Create a new, empty MIME entity.  Basically, this
           uses the Mail::Internet constructor...

           If SOURCE is an ARRAYREF, it is assumed to be an array of lines
           that will be used to create both the header and an in-core body.

           Else, if SOURCE is defined, it is assumed to be a filehandle from
           which the header and in-core body is to be read.

           Note: in either case, the body will not be parsed: merely read!


but when I try:

my $pop = Net::POP3->new('localhost', Port => 8110, Timeout => 15, Debug => $debug);

...

for (my $i = 1; $i <= $msgs; ++$i) {
  my $lines = $pop->top($i, 0);

  my $msg = MIME::Entity->new($lines);<< line 38

  print $msg->as_string();
}


I end up seeing:

you cannot use body() to set the encoded contents
 at ./test070.pl line 38

which seems to contradict the manual.

How does one normally construct a MIME::Entity from the stream off-the-wire?  I don't really care if the body is parsed or not, since I'm obviously only fetching the headers (i.e. the "body-lines" count to Net::POP3::top() is 0).

Thanks,

-Philip

rps-mail-eventreporter installation

tim — 2013-04-20T16:50:21

I am not a linux expert of perl expert.

I have sendmail, amavis, and clamav working on a new opensuse 12.3 load.

I'm trying to get mimedefang and spamassassin working.

I downloaded the files shown at the mimedefang site.

When doing a "perl Makefile.PL" command (as root user) for the
rps-mail-eventreporter I get an error message of:

Bareword "auto_install" not allowed while "strict subs" in use at Makefile.PL line 17.
Execution of Makefile.PL aborted due to compilation errors.

I've searched the mailing list archives and couldn't find anything.

I'm sure this is a simple problem to fix but I can't find anything on
the internet about it.

Help!

How to count recipients in filter_recipient

Benoit Panizzon — 2013-04-16T09:51:50

Hello

The situation:

Recipients have different SpamAssassin Settings:

Recipeint A => "NO FILTERING";
Recipient B => "REJECT SPAM";

Now an email arrives
mail from:<sender>
rcpt to:<Recipient A>
rcpt to:<Recipient B>

Now if this is an email that will be handled as spam, we have the problem, 
that Recipeint A does want to receive that email and Recipient B want us to 
reject it during SMTP Handshake.

We could:
Accept the Email and deliver it only to Recipient A.

Problem: If it was a false positive, that sender does not know it was not 
delivered to Recipient B. His Maillog will tell him it was successfully 
delivered. => NoGo.

We could:
Reject that email: Recipient A will complain that we filtered the email even 
though his settings tell us not to do so. = NoGo.

Solution:
We only accept those recipients which have identical anti-spam settings and 
tempfail the others, forcing the sending MTA to resent them in a separate 
session. So we can then handle that session according the users settings.

sub filter_sender {
  $rcpt_count = 0;
  return ('CONTINUE',"ok");
}

sub filter_recipient {
  if ($rcpt_count eq 0) {
    my $filterrule = &getspamsettings($recipient);
  } else {
    $rcpt_count++;
    return ('TEMPFAIL', "Too many Recipients") if ($rcpt_count > 50);
return ('TEMPFAIL', "Different Spam Setting, please resend separately") if  
($filterrule != &getspamsettings($recipient));
  }
  return ('CONTINUE',"ok");
}

Well, this is the basic idea. Please ignore the syntax errors :-), I just 
started with the $rcpt_count in my code. Unfortunately filter_sender and 
filter_recipient calls are carried to different filter processes. So the 
counter is not reset.

Is there a way to define some sort of over-global variable that is consistent 
for one SMTP session between all of the mimedefang processes?

Kind regards

Benoit Panizzon

Errors Warnings multiplexor Starting slave

Lars Sorensen — 2013-04-15T12:18:12

I recently upgraded both my Perl version and Mimedefang and are seeing some of my mimedefang.pl processes hanging.
Most likely part of a poorly written filter on my part and I'm hunting that down.

But after the upgrade I see these log entries:

Apr 15 07:06:58 gw1 mimedefang-multiplexor[13280]: Starting slave 4 (pid 13530) (5 running): About to perform scan
Apr 15 07:06:59 gw1 mimedefang-multiplexor[13280]: r3FC6uX8013525: Slave 4 stderr: main::rebuild_entity() called too early to check prototype at /usr/bin/mimedefang.pl line 805.
Apr 15 07:06:59 gw1 mimedefang-multiplexor[13280]: r3FC6uX8013525: Slave 4 stderr: defined(< at >array) is deprecated at /usr/bin/mimedefang.pl line 7087.
Apr 15 07:06:59 gw1 mimedefang-multiplexor[13280]: r3FC6uX8013525: Slave 4 stderr: (Maybe you should just omit the defined()?)
Apr 15 07:06:59 gw1 mimedefang-multiplexor[13280]: r3FC6uX8013525: Slave 4 stderr: defined(< at >array) is deprecated at /usr/bin/mimedefang.pl line 7125.
Apr 15 07:06:59 gw1 mimedefang-multiplexor[13280]: r3FC6uX8013525: Slave 4 stderr: (Maybe you should just omit the defined()?)

Anybody seen these?

Running:
RHEL 5
Perl 5.16.3
mimedefang version 2.73


Best regards
Lars Sorensen

Problem matching occurrences other than first line inemail.

Lars Sorensen — 2013-04-02T09:30:22

Hello,

Trying to get heads and tails of Mimedefang and Perl, I'm stuck understanding why the below code in Mimedefang will only match on the first line of an email and ignore the rest.

So:
"open something anotherthing thirdthing" only matches if on the first line of the email, and additional lines are ignored.
I'm trying to match all occurrences of lines with this pattern and add headers accordingly.
Can anybody throw me a bone on this one?

###########################################################################
sub filter {
my($entity) = < at >_;

if (grep {/email\< at >example\.com/i} < at >Recipients) {
my $io;
if ($io = $entity->open("r")) {
while (defined($_ = $io->getline)) {
if  ( $_ =~ /\bopen\W+([a-z]+)(\W+)?([a-z]+)?(\W+)?([a-z]+)?/i) {
action_add_header('X-header',"$1, $3, $5");
last;   
}
}
        $io->close;
        }
}
}
###########################################################################

All the best

Lars Sorensen

md_check_against_smtp_server() returned an emptyresponse

Richard Laager — 2013-03-27T08:41:17

This is unrelated to the other thread.

I'm troubleshooting an issue where md_check_against_smtp_server()
intermittently hangs for 5 minutes. It's *always* 300 seconds exactly
(ignoring sub-second precision).

The error is always the "returned an empty response" from
get_smtp_return_code().

I'm using this function for doing callbacks against the sender's
address. I look up the MX records using Net::DNS. Before you hate me too
much, I cache positive responses for 7 days and negative responses for 1
hour. The delays discussed above are around the actual
md_check_against_smtp_server() call and *nothing else*. To get this far,
I had to instrument my filter with logging before and after every
non-trivial block of code.

Does anyone have any idea why the 15 second IO::Socket::INET timeout
isn't applying in these cases?

Thanks,
Richard

SPF Check - was Re: md_check_against_smtp_server andmd_graphdefang_log

2013-03-27T02:01:13

Here's what I use:

use Mail::SPF;

sub filter_sender {
    my ($sender, $ip, $hostname, $helo) = < at >_;
    if ($sender =~ /< at >([^>]+)/) {
        my $domain = $1;
        my < at >bogushosts = md_get_bogus_mx_hosts($domain);
        my $i = scalar(< at >bogushosts);
        return('REJECT',"Domain $domain has $i bogus MX record" .
            (($i < 2)? '' : 's') .': '. join(' ',< at >bogushosts),'550','5.4.4')
            if ($i);
    } else {
        $sender = "<postmaster\< at >$helo>" unless ($sender =~ /[^<>]+/);
    }
    return('CONTINUE',"OK - Localhost [$ip]",'250','2.4.0')
        if ($ip =~ /^(::1|127\.0\.0\.1|UNKNOWN)$/i);
    read_commands_file();
    my $id = ($sender =~ /<(.+)>/) ? $1 : $sender;
    my $spfserver = Mail::SPF::Server->new(max_void_dns_lookups => undef,
        hostname => $SendmailMacros{'if_name'} );
    my $spfrequest = Mail::SPF::Request->new(versions => [1], scope => 'mfrom',
        identity => $id, ip_address => $ip, helo_identity => $helo);
    my $r = $spfserver->process($spfrequest);
    my $spfrec = $spfrequest->record;
    my $result = $r->code;
    my $text   = $r->text;
    my $local  = $r->local_explanation;
    my $auth   = ($result eq 'fail') ? $r->authority_explanation : '';
    my $label  = ($sender eq "<>") ? 'helo' : 'mailfrom';
    $result = 'policy' if ($result eq 'pass') &&
                (($text =~ /Mechanism \'+?all\' matche[ds]/i) ||
                (($text =~ /Mechanism \'.+\/(\d)\' matche[ds]/i) && ($1 < 8)));
    $text = 'PTR-RR in same domain as sender mailbox'
        if ($result eq 'none') && ($hostname =~ /^(?:[^.]+\.)*$domain$/i);
    md_syslog('info',"SPF=$result From=<$id> ($text)");
    action_insert_header('Authentication-Results', $SendmailMacros{'if_name'} .
         "; SPF=$result smtp.$label=$1 ($local)", 1) if ($id =~ /< at >([^>]+)/);
    return('CONTINUE','OK - Authenicated Client','250','2.7.0')
        if ($SendmailMacros{'auth_authen'});
    return('REJECT',"SPF Failure: $local. ($auth)",'550','5.7.7')
        if ($result =~ /^(hard)?fail$/);
    return('REJECT',"SPF Error: $local".($spfrec?" ($spfrec)":''),'550','5.7.8')
        if ($result eq 'permerror');
    return('REJECT',"Unacceptable SPF Result: $text",'550','5.7.9')
        if ($result eq 'policy');
    return('TEMPFAIL',"SPF Temp-Error: $local",'451','4.4.3')
        if ($result eq 'temperror');
    return('CONTINUE',"OK - SPF=$result ($local)");
}

Slightly OT: SpamAssassin freemail check data

Ben Kamen — 2013-03-25T03:42:45

Hey all,

  Where does the freemail filters for SA get it's list of email addy's?

I'm looking at the FreeMail.pm -- and I'm not perl coherent enough to have it jump out at me.

I'm just wondering if it's downloaded and/or also comes from a locally scanned db (through sa "learn")..

Thanks,

  -Ben

md_check_against_smtp_server and md_graphdefang_log

James Curtis — 2013-03-23T00:43:33

I'm trying to piece together a filter that logs and blocks traffic that is unnecessary.  I can't get md_graphdefang_log to put in an entry for items that are refused because of 'User unknown' responses.  As you can tell from my code snip below, I am not a programmer.  I am adding a few lines above, and a few lines below where I put my code for reference.  
Blocking and logging is working for the DNSBL.
Blocking and logging are not working for the check against smtp server, but it is sending a bounce back  and not trying to deliver to internal server.
Mimedefang version is 2.70.1
 
Any help would be greatly appreciated.  
-Bill Curtis
 
 
    # IMPORTANT NOTE:  YOU MUST CALL send_quarantine_notifications() AFTER
    # ANY PARTS HAVE BEEN QUARANTINED.  SO IF YOU MODIFY THIS FILTER TO
    # QUARANTINE SPAM, REWORK THE LOGIC TO CALL send_quarantine_notifications()
    # AT THE END!!!
my($result);
    # yea, I know that the DNSBL is more effecient in sendmail, but I want to know how many blocked for what user by blacklist.
if ($result = (relay_is_blacklisted($RelayAddr, "zen.spamhaus.org"))) {
        md_graphdefang_log('spamhaus', $hits, $RelayAddr);
        return action_bounce("reject: mail from ($RelayHostname || $RelayAddr) rejected due to http://www.spamhaus.org/zen");
    # the reject works, but graphdefang log shows the Subject instead of Relay address
        action_discard();
}
elsif ($result = (relay_is_blacklisted($RelayAddr, "bl.spamcop.net"))) {
        md_graphdefang_log('spamcop', $hits, $RelayAddr);
        return action_bounce("reject: mail from ($RelayHostname || $RelayAddr) rejected due to http://bl.spamcop.net/");
    # the reject works, but graphdefang log shows the Subject instead of Relay address

        action_discard();
}
sub filter_recipient
       {
           my($recip, $sender, $ip, $host, $first, $helo, $rcpt_mailer, $rcpt_host, $rcpt_addr) = < at >_;
           md_check_against_smtp_server($sender, $recip, "<filter serverexternal DNS name>", "<internal private address>");
        md_graphdefang_log('notuser', $recip, $sender);
    # graphdefang log doesn't log entry as 'notuser', eventually logs it as spam, or mail_in depending on score because of code that follows.
        return action_discard();
       }
    # Drop anything with a score over 6 (*works)
if ($hits > 6) {
        md_graphdefang_log('spamdrop', $hits, $RelayAddr);
        action_discard();
}
    # No sense doing any extra work
    return if message_rejected();
    # Spam checks if SpamAssassin is installed
    if ($Features{"SpamAssassin"}) {
        if (-s "./INPUTMSG" < 100*1024) {

javascript in address header

Joseph Brennan — 2013-03-20T19:51:45

Ever see one of these?--

To: Joe B <jb51< at >columbia.edu<javascript:_e({}, 
'cvml','jb51< at >columbia.edu');>>

I changed the name and address, but otherwise this is what someone on Gmail 
sent to a user here. The envelope RCPT was evidently normal, as logged by 
sendmail, but when we re-sent it to an Exchange system (still with a normal 
RCPT), Exchange rejected the header.

This 
<http://stackoverflow.com/questions/14662296/javascript-cvml-in-an-email-address> 
gives a too-brief explanation of what it is.

It wouldn't be hard to remove with MimeDefang. I cannot find an example in 
my own voluminous mail from Gmail users, which has me wondering how rare it 
is. I wonder whether any email client would run javascript in a header line 
anyway. I'm considering writing it off as one weird case.

Joseph Brennan
Columbia University Information Technology

Removing redundant html part and header for one userincoming.

Lars Sorensen — 2013-03-16T17:54:35

Hello,

I am trying to sanitize incoming email for one specific user/email, specifically removing some X- headers and redundant html/markup from the email. mimedefang would be used for only this purpose and no other purpose or users.

After trying to piece together some code using stream_by_recipient, remove_redundant_html_parts and action_delete_all_headers, I have come to the conclusion that my understanding of Mimedefang and my perl skills are not sufficiently advanced yet to solve this problem.
Running sendmail-8.13 and mimedefang-2.70 and the install is functional. 

If any of you could help me out with my filter, I would be very grateful?

Best 
Lars Sorensen 

Happy Saturday!

filter_recipient rejecting entire message instead ofindividual recipient

Shridhar S Shetty — 2013-03-08T11:06:34

Hello,

We have a situation where filter_recipient discards messages to entire recipient list when a single recipient gets tempfailed when sending email via email client (Thunderbird).

when filter_recipient tempfails a single recipient in a a multi recipient email, the tempfail code is returned back to the email client and the message is not delivered further.
Please note this happens *only* when the email is sent using email client(thunderbird/outlook etc) and not when sent directly using sendmail. In the latter case only the individual recipient gets tempfailed and message is delivered to rest of the recipients.

a brief code snippet of filter_recipient 
--------------
sub filter_recipient {
  my ($check_flag_blockuser) = config_check($user,$domain,6);
  if($check_flag_blockuser == 1){
       return('TEMPFAIL', "User $recivor is temporarily blocked","450","4.2.1");
  }
  some other checks
  return ("CONTINUE","ok");
}
--------------

Is there a config error somewhere?
Any assist would be greatly appreciated. 

Thanks
Shridhar

filter_recipient rejecting entire message instead ofindividual recipient

Shridhar S Shetty — 2013-03-07T11:02:52

Hello,

We have a situation where filter_recipient discards messages to entire recipient list when a single recipient gets tempfailed when sending email via email client (Thunderbird).

when filter_recipient tempfails a single recipient in a a multi recipient email, the tempfail code is returned back to the email client and the message is not delivered further.
Please note this happens *only* when the email is sent using email client(thunderbird/outlook etc) and not when sent directly using sendmail. In the latter case only the individual recipient gets tempfailed and message is delivered to rest of the recipients.

a brief code snippet of filter_recipient 
--------------
sub filter_recipient {
  my ($check_flag_blockuser) = config_check($user,$domain,6);
  if($check_flag_blockuser == 1){
       return('TEMPFAIL', "User $recivor is temporarily blocked","450","4.2.1");
  }
  some other checks
  return ("CONTINUE","ok");
}
--------------

Is there a config error somewhere?
Any assist would be greatly appreciated. 

Thanks
Shridhar

Email injection and the android 'email' app

Dale Moore — 2013-03-04T17:30:09

I am a recent mailing list subscriber.
I am a longtime user of mimedefang.

I'd like to discuss email injection, which is not specifically a mimedefang
issue, but I will use mimedefang to implement what I'm discussing.

I have had the philosophy that it is better to reject an email via
SMTP protocol (550 5.1.1 No Such user here) instead of accepting an
email then later sending a Delivery Status Notification (DSN) that an email
could not be delivered.

That philosophy of early rejection is independent of
  - whether the client had authenticated or not, and/or
  - whether the email was for the local site or not.

This philosophy reduces network traffic, reduces mis-directed
DSN blowback (faked envelope mail from), and is just  a cleaner
way of doing things.

A most curious behavior that I'm seeing is with the Android email app.
When an android user, using the default 'email' app,
attempts to send email to user< at >this.site.example.com but the
user mistypes the email address as nosuchuser< at >this.site.example.com
the SMTP server for my domain (this.site.example.com) will respond with 
  550 5.1.1 No Such mailbox here <nosuchuser< at >this.site.example.com> 
It responds with failure because the smtp server knows the local
domain this.site.example.com very well because it is the local domain.
And it knows all of the email addresses within that domain.
And it knows that nosuchuser< at >this.site.example.com is not valid.
It only makes sense to me to reject this email at this point.

The android 'email' app, will NOT take this 'permanent' failure as definitive,
and instead try again shortly to resend the email.   The email remains the
the app's 'Outbox' .  I currently have dozens of remote android client
that connect to my smtp server that regularly attempt to send their
same mis-addressed email dozens of times a day for weeks on end.

My guess is that this email client application wants my SMTP server to
always accept the email and send a DSN upon discovery of a problem.

We currently have several per account email settings stored in our
ldap directory that my mimedefang milters reference. These settings include
  - Spam scoring thresholds
  - greylisting settings
we are considering one that would do the following
  - get the authenticated user id ($main::SendmailMacros{auth_authen})
  - retrieve their LDAP bouce settings
  - Use this bounce setting to decide whether to bounce or send a DSN.

Another option to attempt to solve this problem, is if my milters see this
behavior more times than some configurable threshold (say 10 times from
the same IP/envelope from/rcpt to/) is to 
  - adjust the servers behaviour by accepting the email and
  - send a DSN that the email was probably mis-addressed.
That would cause the apps nagging to eventually stop, but at the expense
of a non-immediate feedback to the app user that he or she cant type.

Another option is some combination of the above.

Currently, to deal with this problem,  I'm 
  - manually scanning the logs picking out such behavior
  - personally notifying the users that their email isnt going out and why
  - helping them put their droid in airplane mode
  - helping them remove the offending message from their 'Outbox'
  - helping them put their droid out of airplane mode

If your opinion is that the android app is wrong, I'll agree.  But it is becoming
so pervasive, we must find a better way of accomodating this email client app.
There are too many android users.  We cant try to convince them that they should
use a different email app or adjust their settings for composing or reading email.
I might as well hold back the tide as ask them to change their behavior.
I myself am an android app user.

Your ideas are appreciated.  You can send your ideas  to me directly and I will
summarize in a week.  Or you can send them to this list.

Dale Moore

NJABL is closed

Joseph Brennan — 2013-03-02T00:57:49

I had not heard about this in advance, but NJABL has shut down as of
about 17:00 Eastern today.  <http://www.njabl.org/>

If you were checking it, time to stop.

Joseph Brennan
Manager, Email and Systems Applications
Columbia University Information Technology

MIME::Entity not handling Charset => 'utf-8' correctly?

Philip Prindeville — 2013-02-21T02:20:56

Awesome, that worked!

I'm wondering if in MIME::Body we should take:

sub as_string {
 my $self = shift;
 my $str = '';
 my $fh = IO::File->new(\$str, '>:') or croak("Cannot open in-memory file: $!");
 $self->print($fh);
 close($fh);
 return $str;
}

and have:

 return Encode::decode($charset, $str);

instead, but I'm not sure how we'd retrieve $charset…  It would need to be stored into MIME::Body which isn't currently the case.

Thanks,

-Philip



On Feb 20, 2013, at 6:21 PM, David F. Skoll <dfs< at >roaringpenguin.com> wrote:

MIME::Entity not handling Charset => 'utf-8' correctly?

Philip Prindeville — 2013-02-21T00:20:25

Hi.

I'm trying to generate a message as a footer in mimedefang-filter (in filter_end()) when I see certain message contents, but I'm running into what looks like a bug.  I've reproduced it here:

[philipp]$ cat test.pl
#!/usr/bin/perl -w

use strict;
use warnings;

use MIME::Entity;
use MIME::QuotedPrint;
use HTML::Entities;

my $string = decode_qp("Ellipsis=E2=80=A6\n");

utf8::upgrade($string);

print "string: ", $string;

print "hex: ", unpack('H*', $string), "\n";

my $msg = encode_entities($string, '"<>&');

my < at >strings = (
"<html>\n",
$msg,
"</html>\n"
);


my $html = MIME::Entity->build(
  Top => 0,
  Type => 'text/html',
  Encoding => 'quoted-printable',
  Charset => 'utf-8',
  Data => [ < at >strings ],
);

print $html->as_string(), "\n";

exit 0;
[philipp]$ ./test.pl
string: Ellipsis…
hex: 456c6c6970736973e280a60a
Content-Type: text/html; charset="utf-8"
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

<html>
Ellipsis=C3=A2=C2=80=C2=A6
</html>

[philipp]$ 


from what I can tell, if I do a Data::Dumper() on $html->bodyhandle()->{'MBS_Data'} then it looks like the 3 UTF characters (0xa280a8) have been converted into \x{a2}, \x{80}, \x{a8} instead…  Which I don't understand, since I've explicitly called the Charset out as being 'utf-8'. It looks like the string is being interpreted as latin1, not utf8.

What am I doing wrong?

Thanks,

-Philip

main::rebuild_entity() called too early to checkprototype

Mark G Thomas — 2013-02-06T22:00:55

Hi,

I'm running into some issues with perl-5.16.2 and mimedefang.

Errors like this:

defined(< at >array) is deprecated at /opt/mimedefang-2.67/bin/mimedefang.pl line 7335.

and this:

mimedefang-multiplexor[11932]: Slave 5 stderr: main::rebuild_entity() called too early to check prototype at /opt/mimedefang-2.73/bin/mimedefang.pl line 805.

The first one seems fixed by just changing to "if (!< at >arraya)", but I'm not
sure how to fix the other error.

Mark

MIME-tools 5.504 has been released

David F. Skoll — 2013-01-31T14:05:27

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi, all,

Not specifically MIMEDefang-related, but I thought I'd let you know we've
released MIME-tools 5.504 on CPAN.  Changelog since 5.503 follows.

Regards,

David.

5.504  2013-01-30  David F. Skoll <dfs< at >roaringpenguin.com>

* VERSION 5.504 RELEASED

* Fix encoding of MIME parameters that contain a quoted
  string:  "like \"this"
  https://rt.cpan.org/Public/Bug/Display.html?id=80433

* Suppress useless warnings from tests
  https://rt.cpan.org/Public/Bug/Display.html?id=80679

* Fix long-standing bug in encode_mimewords that can
  break multibyte-encodings (eg, utf-8)
  https://rt.cpan.org/Public/Bug/Display.html?id=5462

5.503  2012-06-08  David F. Skoll <dfs< at >roaringpenguin.com>

* VERSION 5.503 RELEASED
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFRCnonwYQuKhJvQuARAvi+AKCz8y4SYSXaa0lkve5E+gEs9w8IfACghB86
d6hL8+Auz0tKtKJbnB1bQM0=
=/L6r
-----END PGP SIGNATURE-----

Disable filter for smtp-auth

Wesley M.A — 2013-01-28T03:55:40

Hi,

I'm using OpenBSD-5.2, sendmail 8.14.5 and mimedefang 2.73p7

I just enable saslauthd on this mail server.

But when clients send emails using our MTA, their message are filtered 
and so they are like [SPAM]

Is there a way to disable this filter only for SMTP Auth ?

Thank you very much.

Here's my mimedefang-filter :

# -*- Perl -*-
#***********************************************************************
#
# mimedefang-filter
#
# Copyright (C) 2002 Roaring Penguin Software Inc.
#
# This program may be distributed under the terms of the GNU General
# Public License, Version 2, or (at your option) any later version.
#
# $Id$
#***********************************************************************

#***********************************************************************
# Set administrator's e-mail address here. The administrator receives
# quarantine messages and is listed as the contact for site-wide
# MIMEDefang policy. A good example would be 
'defang-admin< at >mydomain.com'
#***********************************************************************
$AdminAddress = 'postmaster< at >localhost';
$AdminName = "Postmaster";

#***********************************************************************
# Set the e-mail address from which MIMEDefang quarantine warnings and
# user notifications appear to come. A good example would be
# 'mimedefang< at >mydomain.com'. Make sure to have an alias for this
# address if you want replies to it to work.
#***********************************************************************
$DaemonAddress = 'postmaster< at >localhost';

#***********************************************************************
# If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard
# to add warnings directly in the message body (text or html) rather
# than adding a separate "WARNING.TXT" MIME part. If the message
# has no text or html part, then a separate MIME part is still used.
#***********************************************************************
$AddWarningsInline = 0;

#***********************************************************************
# To enable syslogging of virus and spam activity, add the following
# to the filter:
# md_graphdefang_log_enable();
# You may optionally provide a syslogging facility by passing an
# argument such as: md_graphdefang_log_enable('local4'); If you do 
this, be
# sure to setup the new syslog facility (probably in /etc/syslog.conf).
# An optional second argument causes a line of output to be produced
# for each recipient (if it is 1), or only a single summary line
# for all recipients (if it is 0.) The default is 1.
# Comment this line out to disable logging.
#***********************************************************************
md_graphdefang_log_enable('mail', 1);

#***********************************************************************
# Uncomment this to block messages with more than 50 parts. This will
# *NOT* work unless you're using Roaring Penguin's patched version
# of MIME tools, version MIME-tools-5.411a-RP-Patched-02 or later.
#
# WARNING: DO NOT SET THIS VARIABLE unless you're using at least
# MIME-tools-5.411a-RP-Patched-02; otherwise, your filter will fail.
#***********************************************************************
# $MaxMIMEParts = 50;

#***********************************************************************
# Uncomment to enable the clamd(8) anti-virus daemon.
#***********************************************************************
$Features{'Virus:CLAMD'} = 1;
$ClamdSock = "/tmp/clamd.socket";

#***********************************************************************
# Set various stupid things your mail client does below.
#***********************************************************************

# Set the next one if your mail client cannot handle multiple "inline"
# parts.
$Stupidity{"NoMultipleInlines"} = 0;

# Detect and load Perl modules
detect_and_load_perl_modules();

# This procedure returns true for entities with bad filenames.
sub filter_bad_filename {
  my($entity) = < at >_;
  my($bad_exts, $re);

# Bad extensions
  $bad_exts = 
'(ade|adp|app|asd|asf|asx|bas|bat|chm|cmd|com|cpl|crt|dll|exe|fxp|hlp|hta|hto|inf|ini|ins|isp|jse?|lib|lnk|mdb|mde|msc|msi|msp|mst|ocx|pcd|pif|prg|reg|scr|sct|sh|shb|shs|sys|url|vb|vbe|vbs|vcs|vxd|wmd|wms|wmz|wsc|wsf|wsh|{[^}]+})';

# Do not allow:
  # - CLSIDs {foobarbaz}
  # - bad extensions (possibly with trailing dots) at end
  $re = '.' . $bad_exts . '.*$';

return 1 if (re_match($entity, $re));

# Look inside ZIP files
  if (re_match($entity, '.zip$') and
  $Features{"Archive::Zip"}) {
  my $bh = $entity->bodyhandle();
  if (defined($bh)) {
  my $path = $bh->path();
  if (defined($path)) {
  return re_match_in_zip_directory($path, $re);
  }
  }
  }
  return 0;
}

#***********************************************************************
# %PROCEDURE: filter_begin
# %ARGUMENTS:
# $entity -- the parsed MIME::Entity
# %RETURNS:
# Nothing
# %DESCRIPTION:
# Called just before e-mail parts are processed
#***********************************************************************
sub filter_begin {
  my($entity) = < at >_;
  # ALWAYS drop messages with suspicious chars in headers
  if ($SuspiciousCharsInHeaders) {
  md_graphdefang_log('suspicious_chars');
  # action_quarantine_entire_message("Message quarantined because of 
suspicious characters in headers");
  # Do NOT allow message to reach recipient(s)
  return action_discard();
  }

# Copy original message into work directory as an "mbox" file for
  # virus-scanning
  md_copy_orig_msg_to_work_dir_as_mbox_file();

# Scan for viruses if any virus-scanners are installed
  my($code, $category, $action) = message_contains_virus();

# Lower level of paranoia - only looks for actual viruses
  $FoundVirus = ($category eq "virus");

# Higher level of paranoia - takes care of "suspicious" objects
  # $FoundVirus = ($action eq "quarantine");

if ($FoundVirus) {
  md_graphdefang_log('virus', $VirusName, $RelayAddr);
  md_syslog('warning', "Discarding because of virus $VirusName");
  # Uncomment to copy the message to quarantine before discarding it.
  # action_quarantine_entire_message();
  return action_discard();
  }

if ($action eq "tempfail") {
  action_tempfail("Problem running virus-scanner");
  md_syslog('warning', "Problem running virus scanner: code=$code, 
category=$category, action=$action");
  }
}

#***********************************************************************
# %PROCEDURE: filter
# %ARGUMENTS:
# entity -- a Mime::Entity object (see MIME-tools documentation for 
details)
# fname -- the suggested filename, taken from the MIME 
Content-Disposition:
# header. If no filename was suggested, then fname is ""
# ext -- the file extension (everything from the last period in the 
name
# to the end of the name, including the period.)
# type -- the MIME type, taken from the Content-Type: header.
#
# NOTE: There are two likely and one unlikely place for a filename to
# appear in a MIME message: In Content-Disposition: filename, in
# Content-Type: name, and in Content-Description. If you are paranoid,
# you will use the re_match and re_match_ext functions, which return 
true
# if ANY of these possibilities match. re_match checks the whole name;
# re_match_ext checks the extension. See the sample filter below for 
usage.
# %RETURNS:
# Nothing
# %DESCRIPTION:
# This function is called once for each part of a MIME message.
# There are many action_*() routines which can decide the fate
# of each part; see the mimedefang-filter man page.
#***********************************************************************
sub filter {
  my($entity, $fname, $ext, $type) = < at >_;

return if message_rejected(); # Avoid unnecessary work

# Block message/partial parts
  if (lc($type) eq "message/partial") {
  md_graphdefang_log('message/partial');
  action_bounce("MIME type message/partial not accepted here");
  return action_discard();
  }

# Uncomment to enable bad extension filtering for MIME messages.
# if (filter_bad_filename($entity)) {
# md_graphdefang_log('bad_filename', $fname, $type);
# return action_drop_with_warning("An attachment named $fname was 
removed from this document as itnconstituted a security hazard. If you 
require this document, please contactnthe sender and arrange an 
alternate means of receiving it.n");
# }

return action_accept();
}

#***********************************************************************
# %PROCEDURE: filter_multipart
# %ARGUMENTS:
# entity -- a Mime::Entity object (see MIME-tools documentation for 
details)
# fname -- the suggested filename, taken from the MIME 
Content-Disposition:
# header. If no filename was suggested, then fname is ""
# ext -- the file extension (everything from the last period in the 
name
# to the end of the name, including the period.)
# type -- the MIME type, taken from the Content-Type: header.
# %RETURNS:
# Nothing
# %DESCRIPTION:
# This is called for multipart "container" parts such as 
message/rfc822.
# You cannot replace the body (because multipart parts have no body),
# but you should check for bad filenames.
#***********************************************************************
sub filter_multipart {
  my($entity, $fname, $ext, $type) = < at >_;

return if message_rejected(); # Avoid unnecessary work

# Uncomment to enable bad extension filtering for multipart messages.
# if (filter_bad_filename($entity)) {
# md_graphdefang_log('bad_filename', $fname, $type);
# action_notify_administrator("A MULTIPART attachment of type $type, 
named $fname was dropped.n");
# return action_drop_with_warning("An attachment of type $type, named 
$fname was removed from this document as itnconstituted a security 
hazard. If you require this document, please contactnthe sender and 
arrange an alternate means of receiving it.n");
# }

# Block message/partial parts
  if (lc($type) eq "message/partial") {
  md_graphdefang_log('message/partial');
  action_bounce("MIME type message/partial not accepted here");
  return;
  }

return action_accept();
}

#***********************************************************************
# %PROCEDURE: defang_warning
# %ARGUMENTS:
# oldfname -- the old file name of an attachment
# fname -- the new "defanged" name
# %RETURNS:
# A warning message
# %DESCRIPTION:
# This function customizes the warning message when an attachment
# is defanged.
#***********************************************************************
sub defang_warning {
  my($oldfname, $fname) = < at >_;
  return
  "An attachment named '$oldfname' was converted to '$fname'.n" .
  "To recover the file, right-click on the attachment and Save Asn" .
  "'$oldfname'n";
}

# If SpamAssassin found SPAM, append report. We do it as a separate
# attachment of type text/plain
sub filter_end {
  my($entity) = < at >_;

# If you want quarantine reports, uncomment next line
  # send_quarantine_notifications();

# IMPORTANT NOTE: YOU MUST CALL send_quarantine_notifications() AFTER
  # ANY PARTS HAVE BEEN QUARANTINED. SO IF YOU MODIFY THIS FILTER TO
  # QUARANTINE SPAM, REWORK THE LOGIC TO CALL 
send_quarantine_notifications()
  # AT THE END!!!

# No sense doing any extra work
  return if message_rejected();

# Spam checks if SpamAssassin is installed
  if ($Features{"SpamAssassin"}) {
  if (-s "./INPUTMSG" < 100*1024) {
  # Only scan messages smaller than 100kB. Larger messages
  # are extremely unlikely to be spam, and SpamAssassin is
  # dreadfully slow on very large messages.
  my($hits, $req, $names, $report) = spam_assassin_check();
  my($score);
  if ($hits < 40) {
  $score = "*" x int($hits);
  } else {
  $score = "*" x 40;
  }
  # We add a header which looks like this:
  # X-Spam-Score: 6.8 (******) NAME_OF_TEST,NAME_OF_TEST
  # The number of asterisks in parens is the integer part
  # of the spam score clamped to a maximum of 40.
  # MUA filters can easily be written to trigger on a
  # minimum number of asterisks...
  if ($hits >= $req) {
  action_change_header("X-Spam-Score", "$hits ($score) $names");
  md_graphdefang_log('spam', $hits, $RelayAddr);

# If you find the SA report useful, add it, I guess...
  action_add_part($entity, "text/plain", "-suggest",
  "$reportn",
  "SpamAssassinReport.txt", "inline");
  } else {
  # Delete any existing X-Spam-Score header?
  action_delete_header("X-Spam-Score");
  }
  }
  }

# I HATE HTML MAIL! If there's a multipart/alternative with both
  # text/plain and text/html parts, nuke the text/html. Thanks for
  # wasting our disk space and bandwidth...

# If you want to strip out HTML parts if there is a corresponding
  # plain-text part, uncomment the next line.
  # remove_redundant_html_parts($entity);

md_graphdefang_log('mail_in');

# Deal with malformed MIME.
  # Some viruses produce malformed MIME messages that are misinterpreted
  # by mail clients. They also might slip under the radar of MIMEDefang.
  # If you are worried about this, you should canonicalize all
  # e-mail by uncommenting the action_rebuild() line. This will
  # force _all_ messages to be reconstructed as valid MIME. It will
  # increase the load on your server, and might break messages produced
  # by marginal software. Your call.

# action_rebuild();

# Uncomment to prepend '[SPAM] ' to the subject of X-Spam-Status tagged 
mails.
  if (spam_assassin_is_spam()) { action_change_header("Subject", "[SPAM] 
$Subject"); }

# If the file(s) /etc/mail/disclaimer.txt and/or 
/etc/mail/disclaimer.html
  # are present, they will be appended to all outgoing mails.
  # Modify 192.168.1 to match your local network(s).
  if ($RelayAddr =~ /192.168.0./ or $RelayAddr eq "127.0.0.1") {
  my $disclaimer = '/etc/mail/disclaimer.txt';
  my $disclaimer_html = '/etc/mail/disclaimer.html';

if (-e $disclaimer) {
  open FILE, "<$disclaimer";
  my $text_boilerplate = do { local $/; <FILE> };
  append_text_boilerplate($entity, $text_boilerplate, 0);
  }
  if (-e $disclaimer_html) {
  open FILE, "<$disclaimer_html";
  my $html_boilerplate = do { local $/; <FILE> };
  append_html_boilerplate($entity, $html_boilerplate, 0);
  }
  }
}

# Uncomment to disable filtering mails sent from localhost
# (mimedefang(8) must be stated with the `-r' flag).
#sub filter_relay {
  # my ($ip, $name) = < at >_;
  # if ($ip eq '127.0.0.1') {
  # return ('ACCEPT_AND_NO_MORE_FILTERING', "ok");
  # }

# return ('CONTINUE', "ok");
#}

# DO NOT delete the next line, or Perl will complain.
1;

--
Wesley