Mailing List Archive: Conditional drive me nuts!

Conditional drive me nuts!

Jun 11, 2002, 9:39 AM

Post #1 of 8 (1166 views)

OK - I need a little help here. Trying to make spam assassin work and I
need a conditional and the language drives me nuts.

I need a something like this

condition = "${if {def:h_X-Spam-Status:}{no}{yes}}"

but that doesn't work.

I want a condition that will allow me to test if the message has already
been touched by spam assassin and return true if it has not.

I think this is the last piece I need to make this work.

Thanks in advance.

Re: Conditional drive me nuts! [ In reply to ]

scott at smnolde

Jun 11, 2002, 9:52 AM

Post #2 of 8 (1150 views)

Marc Perkel(marc@perkel.com)@2002.06.11 09:39:04 +0000:
> OK - I need a little help here. Trying to make spam assassin work and I
> need a conditional and the language drives me nuts.
>
> I need a something like this
>
> condition = "${if {def:h_X-Spam-Status:}{no}{yes}}"
>
> but that doesn't work.
>
> I want a condition that will allow me to test if the message has already
> been touched by spam assassin and return true if it has not.
>
> I think this is the last piece I need to make this work.
>
> Thanks in advance.
>
>

# Spam Assassin
spamcheck_director:
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
# - it didn't originate locally (as long as I don't harbor
# spammers :-))
condition = "${if and { \
{!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}} \
{!eq {$received_protocol}{local}} \
} {1}{0}}"
driver = smartuser
transport = spamcheck

--
Scott Nolde
GPG Key 0xD869AB48

Re: Conditional drive me nuts! [ In reply to ]

Jun 11, 2002, 11:08 AM

Post #3 of 8 (1157 views)

Thanks Scott - but I tried that - and I get message looping as if it
doesn't see the $recieved_protocol information.

One thing I should say is - I'm running virtual email - and I don't have
real users in my /etc/passwd file. If that makes a difference.

Why doesn't the $recieved_protocol test work for me?

Scott M. Nolde wrote:

># Spam Assassin
>spamcheck_director:
> # When to scan a message :
> # - it isn't already flagged as spam
> # - it isn't already scanned
> # - it didn't originate locally (as long as I don't harbor
> # spammers :-))
> condition = "${if and { \
> {!def:h_X-Spam-Flag:} \
> {!eq {$received_protocol}{spam-scanned}} \
> {!eq {$received_protocol}{local}} \
> } {1}{0}}"
> driver = smartuser
> transport = spamcheck
>
>
>
>

Re: Conditional drive me nuts! [ In reply to ]

Jun 11, 2002, 11:21 AM

Post #4 of 8 (1159 views)

--
[ Picked text/plain from multipart/alternative ]
I think I have it now - my problem involved running as a trusted user. I
ran as root and it seems to wirk - but should i make "mail " and trusted
user - and how do I do that?

Scott M. Nolde wrote:

>Marc Perkel(marc@perkel.com)@2002.06.11 09:39:04 +0000:
>
>
>>OK - I need a little help here. Trying to make spam assassin work and I
>>need a conditional and the language drives me nuts.
>>
>>I need a something like this
>>
>> condition = "${if {def:h_X-Spam-Status:}{no}{yes}}"
>>
>>but that doesn't work.
>>
>>I want a condition that will allow me to test if the message has already
>>been touched by spam assassin and return true if it has not.
>>
>>I think this is the last piece I need to make this work.
>>
>>Thanks in advance.
>>
>>
>>
>>
>
># Spam Assassin
>spamcheck_director:
> # When to scan a message :
> # - it isn't already flagged as spam
> # - it isn't already scanned
> # - it didn't originate locally (as long as I don't harbor
> # spammers :-))
> condition = "${if and { \
> {!def:h_X-Spam-Flag:} \
> {!eq {$received_protocol}{spam-scanned}} \
> {!eq {$received_protocol}{local}} \
> } {1}{0}}"
> driver = smartuser
> transport = spamcheck
>
>
>
>

--

Re: Conditional drive me nuts! [ In reply to ]

scott at smnolde

Jun 11, 2002, 11:24 AM

Post #5 of 8 (1165 views)

Marc Perkel(marc@perkel.com)@2002.06.11 11:08:04 +0000:
>
> Thanks Scott - but I tried that - and I get message looping as if it
> doesn't see the $recieved_protocol information.
>
> One thing I should say is - I'm running virtual email - and I don't have
> real users in my /etc/passwd file. If that makes a difference.
>
> Why doesn't the $recieved_protocol test work for me?
>
> Scott M. Nolde wrote:
>
> ># Spam Assassin
> >spamcheck_director:
> > # When to scan a message :
> > # - it isn't already flagged as spam
> > # - it isn't already scanned
> > # - it didn't originate locally (as long as I don't harbor
> > # spammers :-))
> > condition = "${if and { \
> > {!def:h_X-Spam-Flag:} \
> > {!eq {$received_protocol}{spam-scanned}} \
> > {!eq {$received_protocol}{local}} \
> > } {1}{0}}"
> > driver = smartuser
> > transport = spamcheck
> >

Well, that works for me. The spamcheck transport looks like this for me:
spamcheck:
driver = pipe
command = "/usr/local/bin/spamc -f | /usr/local/sbin/exim -oMr \
spam-scanned -i -f \"${if eq {${sender_address}}{} \
{mailer-daemon}{${sender_address}}}\" -- \"\\$LOCAL_PART\""
use_shell = true
home_directory = "/etc/mail/spamassassin"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back in!
user = sendmail
group = mail
path = "/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin"
log_output = true
return_fail_output = true
prefix =
suffix =
check_string =
escape_string =
return_path_add = false

And another few checks:
- is spamd running?
- is the spamassassin director the first director?
- and can you provide some debugs if any of the above don't weork?
--
Scott Nolde
GPG Key 0xD869AB48

Re: Conditional drive me nuts! [ In reply to ]

gward at mems-exchange

Jun 11, 2002, 11:42 AM

Post #6 of 8 (1152 views)

On 11 June 2002, Marc Perkel said:
> Why doesn't the $recieved_protocol test work for me?

It might help if you spelled "received" correctly: remember, I before E
except after C!

Greg

Re: Conditional drive me nuts! [ In reply to ]

Jun 11, 2002, 12:58 PM

Post #7 of 8 (1161 views)

--
On Tue, Jun 11, 2002 at 11:21:15AM -0700, Marc Perkel wrote:

| should i make "mail " and trusted user

Yes, I would.

| and how do I do that?

trusted_users = mail

-D

--

Pleasant words are a honeycomb,
sweet to the soul and healing to the bones.
Proverbs 16:24

Jabber ID : dman@dman.ddts.net
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
--
[ Content of type application/pgp-signature deleted ]
--

Re: Conditional drive me nuts! [ In reply to ]

Jun 11, 2002, 1:00 PM

Post #8 of 8 (1160 views)

--
On Tue, Jun 11, 2002 at 02:24:45PM -0400, Scott M. Nolde wrote:

| Well, that works for me. The spamcheck transport looks like this for me:
| spamcheck:
| driver = pipe
| command = "/usr/local/bin/spamc -f | /usr/local/sbin/exim -oMr \
| spam-scanned -i -f \"${if eq {${sender_address}}{} \
| {mailer-daemon}{${sender_address}}}\" -- \"\\$LOCAL_PART\""
| use_shell = true

Oh, this is an old setup. It is subject to (potential) exploits by
some various exploits due to
1) shell metacharacters in addresses
2) an address such as "foo@bar.com"@your.domain being relayed

You should upgrade to the better transport config Nigel devised, as
shown in
http://dman.ddts.net/~dman/config_docs/

-D

--

Be sure of this: The wicked will not go unpunished,
but those who are righteous will go free.
Proverbs 11:21

Jabber ID : dman@dman.ddts.net
GnuPG key : http://dman.ddts.net/~dman/public_key.gpg
--
[ Content of type application/pgp-signature deleted ]
--