Nested rulesets or Multiple ruleset conditions

Julian Field mailscanner at ecs.soton.ac.uk
Mon Dec 15 09:10:55 GMT 2003


At 21:28 14/12/2003, you wrote:
>I have a need to use a nested ruleset within MS.  Is this possible?

Not directly in a ruleset, no. Sorry about that.

What you would need is a short Custom Function to do it. There are plenty
of examples in CustomConfig.pm, the shortest of which is at the start of
the file (a skeleton framework to work from). You would end up with
something like this:

my $OutgoingQueueDefault = '/var/spool/postfix/incoming';
my $OutgoingQueueSpecial = '/var/spool/postfix.thirdparty/incoming';
my $OutgoingQueueSpecialIP = '192.168.0.29';
my $OutgoingQueueMyDomain = 'mycompany.com';

sub InitOutgoingQueue {
   # No initialisation needs doing here at all.
   MailScanner::Log::InfoLog("Initialising OutgoingQueue to %s",
$OutgoingQueueSpecial);
}

sub EndOutgoingQueue {
   # No shutdown code needed here at all.
   # This function could log total stats, close databases, etc.
   MailScanner::Log::InfoLog("Ending OutgoingQueue");
}

# This will return 1 for all messages except those generated by this
# computer.
sub OutgoingQueue{
   my($message) = @_;

   return $OutgoingQueueDefault unless $message; # Default if no message
passed in

   return $OutgoingQueueSpecial if $message->{clientip} eq
$OutgoingQueueSpecialIP && $message->{fromdomain} eq $OutgoingQueueMyDomain;

   return $OutgoingQueueDefault;
}

Then in your MailScanner.conf set this:
OutgoingQueueDir = &OutgoingQueue

Notes
=====
a) my mail client will probably have wrapped that in all sorts of nasty
places, so you'll need to be careful.
b) I haven't tested this code at all. If you are really lucky it might even
compile (do a "perl -c CustomConfig.pm" to iron out the syntax errors
before you try running it).
c) You don't have the call the functions "OutgoingQueue". "Fred" will work
just as well. But you do need "sub InitFred", "sub EndFred" and "sub Fred"
itself.


>   I am
>unable to find anything in the documentation about this.
>
>To help understand my reason here is my scenario...
>
>One division of my company needs to relay (almost) all email off a third
>party (they provide virus scanning services, its political & not something I
>can change).  We have a central SMTP server that runs Postfix & MS and I am
>able to send route all email successfully by having 2 outbound Postfix
>queues (and 2 instances of outbound postfix), the first queue delivers
>directly while the second sends all email to the relay (for scanning etc).
>I did this by using a ruleset on the outbound queue config line (works
>great), all email from that server (192.168.0.29) is put in the second queue
>and off she goes.  The problem is that there is one mailbox on that server
>that should not be sent via the second queue (I can't go into details why,
>it just can't :-), that server is running MSExchange 5.5 so my email routing
>options are very limited.
>My way of thinking is to implement a nested ruleset that looks like this...
>
>ruleset1.rules
>From:           192.168.0.29
>/opt/MailScanner/etc/rules/ruleset2.rules
>FromorTo:       default                 /var/spool/postfix/incoming
>
>ruleset2.rules
>From:           *@mycompany.com /var/spool/postfix.thirdparty/incoming
>FromOrTo:       default                 /var/spool/postfix/incoming
>
>To avoid mail routing loops (if that's possible) I don't want to just have
>one ruleset with *@mycompany.com as some of our monitoring equipment uses an
>@mycompany.com email address and they are sent to @mycompany.com addresses.
>
>Or is it possible to have multiple conditions in the ruleset, e.g. From:
>192.168.0.29 AND *@mycompany.com?
>
>I hope that all makes sense, maybe I'm just looking at this the wrong way,
>please feel free to provide suggestions on how I might do this better.
>Thank you for your time.
>
>Cheers,
>Mark
>
>
>_____________________________________________________________________
>CONFIDENTIALITY: This e-mail and any attachments are confidential and may
>be privileged. If you are not a named recipient,please notify the sender
>immediately and do not disclose the contents to another person, use it for
>any purpose or store or copy the information in any medium.

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654



More information about the MailScanner mailing list