Fetchmail and MailScanner

Wed Aug 20 15:34:49 IST 2008

2008/8/20 Julian Field <MailScanner at ecs.soton.ac.uk>:
>
>
> Alex Broens wrote:
>>
>> On 8/20/2008 11:46 AM, Alex Broens wrote:
>>>
>>> On 8/20/2008 11:22 AM, Ismail OZATAY wrote:
>>>>
>>>> Hi Edward ,
>>>>
>>>> I always read every incoming mail carefully. Also i know that Fabio
>>>> Silva 's
>>>> problem is still going on because using smtphost setting will never fix
>>>> that
>>>> problem. Fetchmail is routing all emails to smtp so source seems
>>>> interface's
>>>> ip which is set before by smtphost.
>>>>
>>>> Here is my .fetchmailrc file;
>>>>
>>>> set daemon 20
>>>> set syslog
>>>> set postmaster root
>>>> set invisible
>>>> poll mail.test.net with proto POP3 and options no dns
>>>>        user 'test' with pass "123456"  is 'realuser at internal.net'
>>>>        keep
>>>>        norewrite
>>>>        smtphost 192.168.100.3
>>>>
>>>> Here is my incmoing mail header ;
>>>>
>>>> Received: from mail.test.net (mail.internal.net [192.168.100.3])
>>>>    by mail.ismail.net (Postfix) with ESMTP id 99A49E8288
>>>>    for <realuser at internal.net>; Wed, 20 Aug 2008 09:55:27 +0300 (EEST)
>>>>
>>>> As you see coming source is 192.168.100.3 so mailscanner thinks that it
>>>> is
>>>> localhost. My question was how can i leave message source untouched ?
>>>>
>>>> Thanks Edward  :)
>>>>
>>>> Regards,
>>>>
>>>> ismail
>>>>
>>>>
>>>> ----- Original Message ----- From: "Edward Dekkers" <edward at tdcs.com.au>
>>>> To: "'MailScanner discussion'" <mailscanner at lists.mailscanner.info>
>>>> Sent: Wednesday, August 20, 2008 10:58 AM
>>>> Subject: RE: Fetchmail and MailScanner
>>>>
>>>>
>>>>> Hi all,
>>>>>
>>>>> I am using fetchmail as a pop connector. It downloads a lot of pop3
>>>>> inbox
>>>>> from some isps and it works properly. Today i installed postfix and
>>>>> mailscanner for filtering virus and spam mails on the same server but
>>>>> there
>>>>> is something wrong with mail headers. Because mail header says that
>>>>> mail
>>>>> coming from localhost 127.0.0.1 which is already whitelisted. So every
>>>>> incoming mail is tagged as clean. How can i fix this problem ? Can i
>>>>> send
>>>>> incoming mails to smtp with the original header?
>>>
>>> doesn't the fetchmail "silent" switch do that for you?
>>
>> Sorry.. meant "invisible"
>>
>> The --invisible option (keyword: set invisible) tries to make fetchmail
>> invisible. Normally, fetchmail behaves like any other MTA would -- it
>> generates a Received header into each message describing its place in the
>> chain of transmission, and tells the MTA it forwards to that the mail came
>> from the machine fetchmail itself is running on. If the invisible option is
>> on, the Received header is suppressed and fetchmail tries to spoof the MTA
>> it forwards to into thinking it came directly from the mailserver host.
>
> But that still won't fool MailScanner. MailScanner uses the SMTP client
> address written into the email's envelope. The MTA takes this from the IP
> address of the machine talking to it in the SMTP session during which it
> received the message.
>
> So no matter what options you set on fetchmail, that can only ever be the IP
> address of the system itself, or localhost. So I fail to see how playing
> with fetchmail configurations can possibly make any difference to this.
>
> The only thing that would make a difference is for me to start parsing the
> first Received: header and pulling the IP addresses out of that. Which I
> currently only do when
> 1) you are using Postfix
> and
> 2) the Postfix envelope contains no IP address at all.
> I would have to generalise this code for all the MTAs I support.
>
> You would probably still have to tell fetchmail to not add its Received:
> header even so.
>
> Jules
Much simpler to just avoid MailScanner, while releasing from
quarantine (and thus not needing the WL of 127.0.0.1)... As per my
previous advice...

Cheers
-- 
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se