Another question about rulesets...

Julian Field MailScanner at ecs.soton.ac.uk
Fri Apr 4 22:38:53 IST 2008 

You are suffering from an inevitable problem when a message has multiple 
recipients. MailScanner does not split messages into 
1-recipient-per-message itself. If you want to do that, you have to do 
it separately. This is quite possible in MailScanner using 'queue 
groups' and has been fairly well documented here before. I believe it is 
possible in other MTAs as well. I will leave that to other people to 
explain to you, once you have told us what MTA you are using.

The other, easier, alternative that *may* do what you want is to use the 
MailScanner.conf setting "Use Default Rules With Multiple Recipients". 
The comments above that explain what its effects are.

Hope that helps get you going in the right direction,
Jules.

Philip Butler wrote:
> Hi all,
>
> I have another question about rulesets.  I am trying to sign outgoing 
> messages with a signature.
>
> Here is my ruleset.  'domain123.com' and 'domain456.com' are "my" test 
> domains (not really mine, but using this as a test).
>
> -------------
> From:    *@domain123.com and to: *@domain123.com    no
> From:    *@domain123.com and to: *@domain456.com    no
> From:    *@domain123.com    yes
> From:    *@domain456.com and to: *@domain123.com    no
> From:    *@domain456.com and to: *@domain456.com    no
> From:    *@domain456.com    yes
>
> FromOrTo:    default        no
> -------------
>
>
> It works properly if there is one recipient (internal/external) but 
> the problem is that when I send from test1 at domain123.com to 
> test2 at domain123.com AND test at anotherdomain.com, the message does not 
> get signed.  In other words, if ANY recipient is from a local domain, 
> then the message does not get signed.  I would prefer it to be the 
> other way around.
>
> Any suggestions as to how I can change the ruleset ??  In a way, I want:
>
> -------------
> # incoming messages not signed
> From:    NOT *@domain123.com and to: *@domain123.com    no
> From:    NOT *@domain123.com and to: *@domain456.com    no
> From:    NOT *@domain456.com and to: *@domain123.com    no
> From:    NOT *@domain456.com and to: *@domain456.com    no
>
> # internal messages not signed
> From:    *@domain123.com and ONLY to: *@domain123.com    no
> From:    *@domain123.com and ONLY to: *@domain456.com    no
> From:    *@domain456.com and ONLY to: *@domain123.com    no
> From:    *@domain456.com and ONLY to: *@domain456.com    no
>
> # All others signed - including mixed local/non-local recipients
> FromOrTo:    default        yes
> -------------
>
>
> Also, I tried adding:
>
> ----
> From:  10.1.1.0/255.255.255.0 and to: *@domain123.com  no
> From:  10.1.1.0/255.255.255.0 and to: *@domain456.com  no
> From:  10.1.1.0/255.255.255.0  yes
> From:  10.34.56.0/255.255.255.0 and to: *@domain123.com  no
> From:  10.34.56.0/255.255.255.0 and to: *@domain456.com  no
> From:  10.34.56.0/255.255.255.0  yes
> ----
>
> to the ruleset (10.1.1.0 and 10.34.56.0 are "internal" networks) and I 
> kept getting defunct mailscanner processes.  This is based on a 
> previous email response from Julian.  I am running MS 4.66.5 - I 
> haven't upgraded to the latest and greatest yet.  Do I have a syntax 
> problem here ??
>
> Phil
>

Jules

-- 
Julian Field MEng CITP CEng
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list