adding renattach to MailScanner+Postfix

Jonathan Higgins jhiggins at KENNESAW.EDU
Wed Apr 13 15:24:43 IST 2005


    [ The following text is in the "ISO-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

I need to implement renaming extensions instead of just modifying the
subject, or blocking certain extensions(filenames) or filetypes.
 
software build:
  RHEL AS 3.0
  postfix-2.0.16-14.RHEL3
  MailScanner 4.39.5
  spamassassin-3.0.2-1
  clamav-0.83-1.1.el3.rf
  renattach-1.2.2
 
First thing I did was disable filename and filetype checking in
MailScanner.conf by adding a "#" infront of the rules.
#Filename Rules = %etc-dir%/filename.rules.conf
#Filetype Rules = %etc-dir%/filetype.rules.conf
 
Second thing, I installed renattach using the instructions for Postfix
Integration at http://www.pc-tools.net/unix/renattach/INSTALL
which, in short tells you to modify the master.cf postfix config file.
add:
  filter    unix  -       n       n       -       -       pipe
        flags=q user=filter argv=renattach -p sendmail -i -f ${sender} --
${recipient}
modify:
   smtp      inet  n       -       n       -       -       smtpd
        -o content_filter=filter
 
This works for the most part, but here is where the problem starts to
creep up.
 
The postfix+MailScanner instructions at
http://www.sng.ecs.soton.ac.uk/mailscanner/install/postfix.shtml
tell me to add
  header_checks = regexp:/etc/postfix/header_checks
to /etc/postfix/main.cf
and create the file /etc/postfix/header_checks with the following
contents:
 /^Received:/ HOLD
 
Here is the problem:
When I send an email:
1.  Postfix puts the email into HOLD.
2.  MailScanner picks it up and does its thing.
3.  The content filter sends the email to renattach
4.  Renattach finishes with the email and reinjects it
5.  Reinjected email goes into HOLD.
6.  MailScanner picks it up and does its thing.
7.  Message is delivered.
 
Ok, if you don't see it, The email message is processed through
MailScanner 2x.
 
I took a look at http://www.postfix.org/FILTER_README.html#simple_filter
which shows how email moves around between all the processes that make up
postfix.
There is a nice pretty picture that shows the content filter after the
qmgr.  I guess that's why they call it "After-Queue Content Filter"
 
The point being that after the queue, and after the content filter, the
email is reinjected using pickup and then eventually passed to cleanup,
which does another "header_check" and stuffs the email into the HOLD
queue again.
 
Some things I tried to fix this.
First fix attempt:
I tried to tell postfix to knock it off by modifying the master.cf as
follows:
  smtp      inet  n       -       n       -       -       smtpd
       -o content_filter=filter
       -o receive_override_options=no_header_body_checks
 
This didn't solve the problem, and to be honest, im not sure if its
effecting anything.
I did some more research under the advanced filter options for postfix,
with no help there.
 
Second fix attempt:
I had the thought that I could just modify the generic virus scanner and
fit renattach into MailScanner.
After creating a renattach-wrapper, modifying MailScanner.conf, and
SweepViruses.pm, I started running into weird errors, including the debug
message "can't find EOCD signature".
 
I had chopped up a few too many files, because after I cleaned out what I
thought I had just done, it was still fairly broken.  Im sure that was my
fault, so I cleaned everything out and rebuilt my MailScanner install
fresh, and got back to square one.
 
Ok, so what Im looking for is a solution to this problem.  It would be
beneficial to have the solution be part of MailScanner.  Im not married
to renattach, but it was one of the first programs out there that does
what I need.
 
Thanks
 
 
 
 
 
 
 
 
 
 
 
 
Jonathan Higgins
IT R&D Project Manager
Kennesaw State University
jhiggins at kennesaw.edu
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/)
and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!



More information about the MailScanner mailing list