[Question] I'd like to alter Message-ID when releasing from quarantine

Richard Mealing richard at fastnet.co.uk
Mon Jul 23 22:07:55 UTC 2018


Hi Eoin,

Do your users without mua work on webmail only? If so, they should still be able to open attachments. Or are you referring to some ticket system or something else (.. for the no mua situation). If the email is released to the mailbox, you would ideally want a message delivered with that email to explain how dangerous it might be to open ☺

This should work -
Quarantine Infections = yes
Quarantine Silent Viruses = yes
Quarantine Modified Body = no
Quarantine Whole Message = yes
Quarantine Whole Messages As Queue Files = no

I am using pure sendmail and I haven’t ever made a postfix version before so I’ll leave that up to others to comment.

Thanks,
Rich

From: MailScanner <mailscanner-bounces+richard=fastnet.co.uk at lists.mailscanner.info> On Behalf Of Eoin Kim
Sent: Monday, July 23, 2018 22:48
To: MailScanner Discussion <mailscanner at lists.mailscanner.info>
Subject: RE: [Question] I'd like to alter Message-ID when releasing from quarantine

Hi Rich,

The problem I am having is when I release a message from quarantine using sendmail, the Exchange server doesn’t want to deliver it due to the duplicate Message-ID. I know that there is an option to release as a file but I don’t want to use it since there are many users don’t have MUA in the company. Also, my MTA is not actually sendmail, it’s Postfix. I am not sure if the sendmail binary installed with Postfix is the same thing or not but it is using Postfix queue.

And yes, you are right. If I upgrade it, it will be gone. Therefore, I am trying to avoid and stick with the version I downloaded. My apologies for bringing MailWatch related topic to MailScanner. I actually wrote other post into MailWatch mailing list but it looks like the mailing list is recently quiet? Or maybe just my post is not getting any responses. Hope this explains my situation. Thanks again.

Eoin

From: MailScanner <mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info<mailto:mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info>> On Behalf Of Richard Mealing
Sent: Tuesday, 24 July 2018 7:30 AM
To: MailScanner Discussion <mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>>
Subject: RE: [Question] I'd like to alter Message-ID when releasing from quarantine

Hi Eoin,
When you release a message you can just have the original email wrapped up as an attachment and sent from a completely new email message ID. You put the email back into the queue for processing, so it will be a new message ID (in sendmail).
Sorry, am I missing something?

I would not play with functions.php unless you use some include or something, since mailwatch is being fairly actively developed on github, so if you upgrade your changes will be lost. I would suggest you create an issue on that page if you wanted to include some new feature, but then I guess I don’t really understand the issue you are facing.

Thanks,
Rich

From: MailScanner <mailscanner-bounces+richard=fastnet.co.uk at lists.mailscanner.info<mailto:mailscanner-bounces+richard=fastnet.co.uk at lists.mailscanner.info>> On Behalf Of Eoin Kim
Sent: Monday, July 23, 2018 22:21
To: MailScanner Discussion <mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>>
Subject: RE: [Question] I'd like to alter Message-ID when releasing from quarantine

Hi Shawn,

Thanks again. So, now I have to find a way to put that sed operation somehow into PHP code. I believe the PHP code is feeding a message to sendmail command as a file by looking at it. Are there any easy ways to insert that snippet somehow? Sorry, I am really not confident with computer languages ☹. Cheers.

Eoin

From: MailScanner <mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info<mailto:mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info>> On Behalf Of Shawn Iverson
Sent: Tuesday, 24 July 2018 12:40 AM
To: MailScanner Discussion <mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>>
Subject: Re: [Question] I'd like to alter Message-ID when releasing from quarantine

Eoin,

I think that would be a safer route to take.  It would be nice if you could just generate a new message ID, but I know the semantics of the message IDs are a little complex.

On Fri, Jul 20, 2018 at 7:24 PM, Eoin Kim <Eoin.Kim at rcst.com.au<mailto:Eoin.Kim at rcst.com.au>> wrote:

Hi Shawn,



Thanks for your response. I was thinking about it for a while but then I have to think about the source and destination in the rule. I think I have to use FromAndTo: but I am not sure with the syntax. I guess From should be my gateway (e.g. 127.0.0.1) and To should be the IP address of the Exchange server, is it? But can I actually put these two addresses on the same line in the rule file? I always used From: or To: separately, never used FromAndTo:, hence, I may need a bit of help with the syntax. Plus, what I am acutally worrying about is when I use a rule file, if this operation happening when releasing from quarantine only because I think every email is relayed from the gateway (Ah.... I wish I could speak in English better).

I also was thinking about a different approach, touching the following file - MailWatch/mailscanner/functions.php. More specifically, the line below:

$cmd = QUARANTINE_SENDMAIL_PATH . ' -i -f ' . MAILWATCH_FROM_ADDR . ' ' . escapeshellarg(stripslashes($to)) . ' < ';

Say, if I could execute sed operation (I actually got help, thanks Schlake) beforehand, that would be alright to me. For example, like this:

1. Run sed -i -e "/^H??Message-ID: /s/\(Message-ID: .*\)@\(.*\)/\1-$$@\2/" <
2. After that run $cmd

I am not really confident with PHP, well.... actually any languages :( but I think touching functions.php file more makes sense to me because I believe this will only affect when releasing messages from quarantine, which I want. I don't want to put changing Message-ID operation in any other situations since RFC document recommends not to touch it.

What do you think about this Shawn? Thanks again for your help.

Eoin
________________________________
From: MailScanner <mailscanner-bounces+eoin.kim=rcst.com.au at lists.mailscanner.info<mailto:rcst.com.au at lists.mailscanner.info>> on behalf of Shawn Iverson <iversons at rushville.k12.in.us<mailto:iversons at rushville.k12.in.us>>
Sent: Friday, 20 July 2018 6:17 PM
To: MailScanner Discussion
Subject: Re: [Question] I'd like to alter Message-ID when releasing from quarantine

Eoin,

Can you create a ruleset for header removal in MailScanner (I'm not sure removing the Message-ID is a good idea, but you could give it a try)?

On Fri, Jul 20, 2018 at 12:52 AM, Eoin Kim <Eoin.Kim at rcst.com.au<mailto:Eoin.Kim at rcst.com.au>> wrote:
Hi all,

I am trying to configure MailScanner with MailWatch on Debian 9. Sorry, I didn’t want to involve MailWatch here but since I am trying to use a function from it, I included the name here. As the MTA, I installed Postfix. What I want to achieve is releasing mails from quarantine via sendmail not by a file (this is the feature from MailWatch). However, I am having a problem with this.

There is a Microsoft Exchange server sitting behind this Debian host and it rejects the released email because of the duplicate Message-ID. My senior person doesn’t want to enable the feature of ignoring duplicate on Exchange server. I know there is a feature in MailScanner which removes Message-ID from the mail header. However, I don’t want to remove this from every single message. Are there any ways to alter Messag-ID only when the message is released from quarantine?

I know that if I release emails as a file, no worries. However, I don’t want to do so as there are a huge amount of users who don’t use MUA. I would really appreciate if I can get any helps. Thanks a lot.

Eoin Kim
Systems Administrator

RCS Telecommunications
Level 1 – The Annexe, 133 Mary Street
Brisbane, QLD, 4000, Australia
Office: 07 3228 0843
Mobile: 0419 726 231
Email: eoin.kim at rcst.com.au<mailto:eoin.kim at rcst.com.au>




--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner



--
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x1171
iversons at rushville.k12.in.us<mailto:iversons at rushville.k12.in.us>

[Image removed by sender.][Image removed by sender.]
[Image removed by sender.]



--
MailScanner mailing list
mailscanner at lists.mailscanner.info<mailto:mailscanner at lists.mailscanner.info>
http://lists.mailscanner.info/mailman/listinfo/mailscanner



--
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x1171
iversons at rushville.k12.in.us<mailto:iversons at rushville.k12.in.us>

[Image removed by sender.][Image removed by sender.]
[Image removed by sender.]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180723/2efae5d1/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 823 bytes
Desc: image001.jpg
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180723/2efae5d1/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 440 bytes
Desc: image002.jpg
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20180723/2efae5d1/attachment-0003.jpg>


More information about the MailScanner mailing list