Barrett Consulting Group Sendmail Page
dont use, too old
What you currently can find here:
A "milter" based filter for sendmail 8.12.X which gets rid of
nearly all the bad attachements (exe,bat,com,js,...,vbs,...) and reanmes
them to *@XXX, and optionally gets rid of the HMTL based part of email
of SCRIPT based stuff only, rejects certain mail which have attachements.
- it is currently in beta stage, please be aware of this.
- I have started looking into developping it with one other person whose filter has
some features my filter does not have and vice versa.
- use it in combination with a virus scanner
Probably make the support in a way that it will be able to use a variety.
- re-entrant code
- checking attachements over a large range of blocks.
- bug fixes (see code)
Milter based Sendmail (8.12.X) filter.
What it does
- find HTML tags and wipes anything between (option -h)
- find SCRIPT tags and wipes anything between
- find OBJECT tags and wipes anything between
- find attachments, checks the name and if it matches certain extension, replaces them
- sends messages to the syslog (everytime)
- finds particular attachemnents and rejects the mail (sends mail to both, receiver and postmaster)
- saves the "bad" message to /etc/mail/FilteredMessages (with recv,sender and message num)
- sendmail version greater (or equal to) 8.12.X
- directory /etc/mail/FilteredMessageFiles must exist and root writeable
OS tested on
- Linux, it has been running without crashing for
11 days now and we get plenty of mail from different
places, machines, mailers, os's etc.
- I'd love to hear from other people who used it!!!
Find the bugs, please!
- libmilter/README it explains what to do
- some of the source code of sendmailfilter.c (sorry manual isnt available yet)
Setup for the sendmail mc file
Include the two follwing lines into you sendmail.mc file and
compile it using the m4 macro processor. (see cf/README)
Note: it does not matter how you name the filter, this is only
used for sendmails config file. However the name of the soccket you specify
here must be the same you specify when you start sendmailfilter!
How to compile it
- Copy the filter into a directory called "/usr/local/src/sendmailfilters"
- Edit the file and replace the "your.domain.com" with your domain name.
(this is required for internal mail check and postmaster address)
- Edit the file and comment out some of the debug messages "dfprintf(...)"
or else it will fill up your logs, there is a fair amount of them in it.
It fills up my maillogs very regular!
You might want to keep them first to see the filter in "action".
It logs the normal stuff to the system logs
and the debug messages to /usr/local/src/sendmailfilters/sendmailfilter.log!
- Make yourself a Makefile and put into it:
all: sendmailfilter codetest
gcc -o $@ $? $(CFLAGS) $(LIBS) -lresolv -lnsl -lpthread
- compile it using
How to run the filter
Remove the old socket and then run the program:
sendmailfilter -h -p unix:/var/run/f1.sock
where the options are:
- -h: OPTIONAL turn on html wipe (if somebody sends html only you will not see anything but you do not get
those stupid advertisings either.....)
- -i: OPTIONAL check internal based mail too
- -p socket: REQUIRED connects to the specified socket.
If this returns straight away, something is wrong.
Increase debugging level to see whats wrong.
- A friend (sadly he died in a Kajak Accident) of mine constantly sent me different files from different mailers
from different OS's. He made me aware of a few bugs, he used the program as well.
- I have send to the filter the following files in various orders and combinations (till it survived)
with vcard/without vcard attachment, using HTML/SCRIPTS, html only etc:
explorer.exe, addusers.vbs, gina.c, gina.g, ginasetup.exe, resume.doc(yes the one), no attachments,
various dll, some word docs, atmcntrl.exe, netscape.exe (yes that big one), mpg's, tgz, tar etc etc.
Currently its stable.
- no configuration file, changes must be made to the program by hand (careful, dont break the glass of the screen!).
[an error occurred while processing this directive]