Hello,
I've been trying to get AnomySanitizer, SpamAssassin, and Postfix to all
work together.
I believe I have everything configured properly - and it seems to work,
unless I'm sending attachments of any kind. When I do, I get the
message bounced back saying "service unavailable. Command output:
Message Content rejected". I'm using Ximian Evolution 1.0.8 as my email
client. This is also the latest version of Anomy.
It seems to be something in the filter.sh script - it dies after running
through (what seems to be a successful) sanitize. I commented out the
line in filter.sh that removes the temp files. The out.$$ files look
like they have the mail message in them (with the modified content!),
but it never seems to get sent?
Any ideas?
Thanks,
-Lucas
Below is a maillog excerpt:
Nov 5 22:18:39 riodo postfix/qmgr[7455]: 42B742F300: from=<63120@xyz.molar.is>, size=890, nrcpt=1 (queue active)
Nov 5 22:18:39 riodo postfix/smtpd[7501]: disconnect from unknown[10.0.0.2]
Nov 5 22:18:40 riodo postfix/pipe[7472]: 42B742F300: to=<63205@xyz.molar.is>, relay=filter, delay=1, status=bounced (service unavailable. Command output: Message content rejected )
Nov 5 22:18:40 riodo postfix/cleanup[7489]: 0F7D52F303: message-id=<63244@xyz.molar.is>
Nov 5 22:18:40 riodo postfix/qmgr[7455]: 0F7D52F303: from=<>, size=2501, nrcpt=1 (queue active)
Nov 5 22:18:40 riodo postfix/local[7510]: 0F7D52F303: to=<63120@xyz.molar.is>, relay=local, delay=0, status=sent (maildir)
Here is the script that is running the filter:
#!/bin/sh
#
# filter.sh
#
# Simple filter to plug Anomy Sanitizer and SpamAssassin
# into the Postfix MTA
#
# From http://advosys.ca/papers/postfix-filtering.html
# Advosys Consulting Inc., Ottawa
#
# For use with:
# Postfix 20010228 or later
# Anomy Sanitizer revision 1.49 or later
# SpamAssassin 2.42 or later
#
# Note: Modify the file locations to match your particular
# server and installation of SpamAssassin.
# File locations:
# (CHANGE AS REQUIRED TO MATCH YOUR SERVER)
INSPECT_DIR=/var/spool/mailfilter
SENDMAIL=/usr/sbin/sendmail
ANOMY=/usr/local/anomy
ANOMY_CONF=/usr/local/anomy/anomy.conf
SPAMASSASSIN=/usr/bin/spamassassin
export ANOMY
# Exit codes from <sysexits.h>
EX_TEMPFAIL=75
EX_UNAVAILABLE=69
cd "$INSPECT_DIR" || { echo "$INSPECT_DIR does not exist"; exit $EX_TEMPFAIL; }
# Clean up when done or when aborting.
#trap "rm -f in.$$; rm -f out.$$" 0 1 2 3 15
cat | $SPAMASSASSIN -x | $ANOMY/bin/sanitizer.pl \
$ANOMY_CONF 2>>/tmp/anomy.log > out.$$ || \
{ echo Message content rejected; exit $EX_UNAVAILABLE; }
$SENDMAIL "$@" < out.$$
exit $?
And here are the lines from /etc/postfix/master.cf:
smtp inet n - y - - smtpd -o content_filter=filter:
...
...
filter unix - n n - - pipe
  user=filter argv=/usr/local/anomy/filter.sh -f ${sender} -- ${recipient}
And finally, an excerpt from anomy.log:
<Sanitizer start="1036544056">
<ParseHeader>
<reply-to value="Lucas Peet <63120@xyz.molar.is>">Using %value%
as reply-to address.</reply-to>
<errors-to value="Lucas Peet <63120@xyz.molar.is>">Using %value%
as errors address.</errors-to>
<mime boundary="=-JPal2HYY9rw1wJG8AY+k" charset="iso-8859-1"
disposition="inline" encoding="8bit" type="multipart/mixed"
undecoded-boundary="=-JPal2HYY9rw1wJG8AY+k">Got MIME info:
%ATTRIBUTES%</mime>
</ParseHeader>
<parsed_header>Finished parsing message header.</parsed_header>
<body DEFANGED_pos="578">Parsing body as multipart/*</body>
<parser>CleanMultipart</parser>
<parser>ParserUnclosedMultipart</parser>
<Part pos="604">
<ParseHeader>
<mime boundary="" charset="iso-8859-1" disposition="inline"
encoding="7bit" type="text/plain">Got MIME info: %ATTRIBUTES%</mime>
</ParseHeader>
<body DEFANGED_pos="58">Parsing body as text/*</body>
<parser>CleanText</parser>
<SanitizeFile filename="unnamed.txt" mimetype="text/plain">
<Check_Rule file="unnamed.txt"
list="(?i)(winmail.dat)|(\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf|asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$" rule="1">Rule %rule%: %file% =~ %list%</Check_Rule>
<Check_Rule file="unnamed.txt"
list="(?i)\.(doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?|xls|xlw|xlt|csv|wk[1-4]|ppt|pps|pot|jpe?g|gif|png|tiff?|bmp|psd|pcx|vsd|drw|cdr|swf|mp3|avi|mpe?g|mov|ram?|mid|ogg|zip|g?z|rar|tgz|bz2|tar|[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)" rule="2">Rule %rule%: %file% =~ %list%</Check_Rule>
<Match rule="2">
<policy name="accept">Enforced policy: %name%</policy>
</Match>
</SanitizeFile>
</Part>
<Part pos="729">
<ParseHeader>
<mime boundary="" charset="iso-8859-1" disposition="attachment"
encoding="base64" filename="test.exe" name="test.exe"
type="application/x-ms-dos-executable">Got MIME info:
%ATTRIBUTES%</mime>
</ParseHeader>
<body DEFANGED_pos="147">Parsing body as DEFAULT.</body>
<parser>CleanUnknown</parser>
<SanitizeFile filename="test.exe"
mimetype="application/x-ms-dos-executable">
<Check_Rule file="test.exe"
list="(?i)(winmail.dat)|(\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf|asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$" rule="1">Rule %rule%: %file% =~ %list%</Check_Rule>
<Match rule="1">
<policy name="drop">Enforced policy: %name%</policy>
</Match>
<new-mimetype id="41220" value="text/plain">Replaced mime type
with: %value%</new-mimetype>
<new-filename id="41220" value="DEFANGED-41220.txt">Replaced file
name with: %value%</new-filename>
</SanitizeFile>
<Writer pos="269">
<mime boundary="" charset="iso-8859-1" disposition="inline"
encoding="8bit" filename="DEFANGED-41220.txt" name="DEFANGED-41220.txt"
type="text/plain">Set
MIME info to: %ATTRIBUTES%</mime>
</Writer>
<parser>ParserCat</parser>
</Part>
</Sanitizer>
<modifications base="41220" end="41221" total="1">Total modifications so
far: %total%</modifications>
<Sanitizer start="1036544206">
<ParseHeader>
<reply-to value="Lucas Peet <63120@xyz.molar.is>">Using %value%
as reply-to address.</reply-to>
<errors-to value="Lucas Peet <63120@xyz.molar.is>">Using %value%
as errors address.</errors-to>
<mime boundary="=-bAaLd4oTdaSpyPWqZonu" charset="iso-8859-1"
disposition="inline" encoding="8bit" type="multipart/mixed"
undecoded-boundary="=-bAaLd4oTdaSpyPWqZonu">Got MIME info:
%ATTRIBUTES%</mime>
</ParseHeader>
<parsed_header>Finished parsing message header.</parsed_header>
<body DEFANGED_pos="570">Parsing body as multipart/*</body>
<parser>CleanMultipart</parser>
<parser>ParserUnclosedMultipart</parser>
<Part pos="596">
<ParseHeader>
<mime boundary="" charset="iso-8859-1" disposition="inline"
encoding="7bit" type="text/plain">Got MIME info: %ATTRIBUTES%</mime>
</ParseHeader>
<body DEFANGED_pos="58">Parsing body as text/*</body>
<parser>CleanText</parser>
<SanitizeFile filename="unnamed.txt" mimetype="text/plain">
<Check_Rule file="unnamed.txt"
list="(?i)(winmail.dat)|(\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf|asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$" rule="1">Rule %rule%: %file% =~ %list%</Check_Rule>
<Check_Rule file="unnamed.txt"
list="(?i)\.(doc|dot|txt|rtf|pdf|ps|htm|[sp]?html?|xls|xlw|xlt|csv|wk[1-4]|ppt|pps|pot|jpe?g|gif|png|tiff?|bmp|psd|pcx|vsd|drw|cdr|swf|mp3|avi|mpe?g|mov|ram?|mid|ogg|zip|g?z|rar|tgz|bz2|tar|[ch](pp|\+\+)?|s|inc|asm|patch|java|php\d?|jsp|bas)" rule="2">Rule %rule%: %file% =~ %list%</Check_Rule>
<Match rule="2">
<policy name="accept">Enforced policy: %name%</policy>
</Match>
</SanitizeFile>
</Part>
<Part pos="707">
<ParseHeader>
<mime boundary="" charset="iso-8859-1" disposition="attachment"
encoding="base64" filename="test.exe" name="test.exe"
type="application/x-ms-dos-executable">Got MIME info:
%ATTRIBUTES%</mime>
</ParseHeader>
<body DEFANGED_pos="147">Parsing body as DEFAULT.</body>
<parser>CleanUnknown</parser>
<SanitizeFile filename="test.exe"
mimetype="application/x-ms-dos-executable">
<Check_Rule file="test.exe"
list="(?i)(winmail.dat)|(\.(exe|com|vb[se]|dll|ocx|cmd|bat|pif|lnk|hlp|ms[ip]|reg|sct|inf|asd|cab|sh[sb]|scr|cpl|chm|ws[fhc]|hta|vcd|vcf|eml|nws))$" rule="1">Rule %rule%: %file% =~ %list%</Check_Rule>
<Match rule="1">
<policy name="drop">Enforced policy: %name%</policy>
</Match>
<new-mimetype id="195" value="text/plain">Replaced mime type with:
%value%</new-mimetype>
<new-filename id="195" value="DEFANGED-195.txt">Replaced file name
with: %value%</new-filename>
</SanitizeFile>
<Writer pos="269">
<mime boundary="" charset="iso-8859-1" disposition="inline"
encoding="8bit" filename="DEFANGED-195.txt" name="DEFANGED-195.txt"
type="text/plain">Set MIME info to: %ATTRIBUTES%</mime>
</Writer>
<parser>ParserCat</parser>
</Part>
</Sanitizer>
<modifications base="195" end="196" total="1">Total modifications so
far: %total%</modifications>
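
An added diagnostic sketch, not part of the original post or of the Advosys script: in `sh` the `||` after a pipeline tests only the exit status of the last command (here sanitizer.pl), so this version runs the two stages separately and logs each exit status. The names `filter_stages`, `STAGE_LOG` and `ANOMY_LOG` are assumptions, and nothing here presumes which exit codes sanitizer.pl uses.

```shell
#!/bin/sh
# Added diagnostic sketch, not the Advosys filter.sh.
# Assumed names: filter_stages, STAGE_LOG, ANOMY_LOG. The tool paths
# mirror the variables in the posted script and can be overridden.
SPAMASSASSIN=${SPAMASSASSIN:-/usr/bin/spamassassin}
ANOMY=${ANOMY:-/usr/local/anomy}
ANOMY_CONF=${ANOMY_CONF:-/usr/local/anomy/anomy.conf}
ANOMY_LOG=${ANOMY_LOG:-/tmp/anomy.log}
STAGE_LOG=${STAGE_LOG:-/tmp/filter-stages.log}

# filter_stages SRC DST
# Runs SpamAssassin, then the sanitizer, as separate steps so that each
# exit status is recorded. Returns 0 if both stages succeeded, otherwise
# the exit status of the stage that failed.
filter_stages() {
    src=$1
    dst=$2
    mid="$dst.sa"        # intermediate file between the two stages
    stamp=$(date '+%b %e %T')

    "$SPAMASSASSIN" -x < "$src" > "$mid"
    sa_rc=$?
    echo "$stamp pid=$$ stage=spamassassin rc=$sa_rc" >> "$STAGE_LOG"
    if [ "$sa_rc" -ne 0 ]; then
        rm -f "$mid"
        return "$sa_rc"
    fi

    "$ANOMY/bin/sanitizer.pl" "$ANOMY_CONF" < "$mid" > "$dst" 2>> "$ANOMY_LOG"
    an_rc=$?
    rm -f "$mid"
    # Log the output size too: a complete output file next to a
    # non-zero status points at the exit code, not at a crash.
    size=$(wc -c < "$dst" | tr -d ' ')
    echo "$stamp pid=$$ stage=sanitizer rc=$an_rc bytes=$size" >> "$STAGE_LOG"
    return "$an_rc"
}
```

Saving the message with `cat > in.$$` and calling `filter_stages in.$$ out.$$` in place of the pipeline leaves one log line per stage, which shows whether the "Message content rejected" branch was reached because of SpamAssassin or because of the sanitizer's exit status.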