spamass-milt-list
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: DATE_IN_FUTURE weirdness

From: Andrew Daviel
Subject: RE: DATE_IN_FUTURE weirdness
Date: Tue, 14 Sep 2010 14:36:53 -0700 (PDT) 
On Tue, 14 Sep 2010, Jörg Wedekind wrote:


So the fault in my case was a misconfiguration in the sendmail.cf on the
milter definition. In my m4 file the following line was listed:

define(`confMILTER_MACROS_ENVRCPT',`r, v, Z, b, _')dnl

Could anyone tell me what these MACROS are and what the Letters/Signs stands
for?
The macros MILTER_MACROS_ENVRCPT, MILTER_MACROS_ENVFROM etc. define additional environment variables passed to the milter at RCPT TO, FROM etc. callbacks.
The variable names are documented in op.ps from the sendmail distribution.
I currently have the rather longer sets in sendmail.cf (some must be defaults; I do not have all these explicitly in sendmail.mc) : 
O Milter.macros.connect=t, b, j, _, {daemon_name}, {if_name}, {if_addr}
O Milter.macros.helo={tls_version}, {cipher}, {cipher_bits}, {cert_subject}, 
{cert_issuer}
O Milter.macros.envfrom=i, {auth_type}, {auth_authen}, {auth_ssf}, 
{auth_author}, {mail_mailer}, {mail_host}, {mail_addr}, {msg_size}
O Milter.macros.envrcpt=i, j, r, v, b, Z, _,{rcpt_mailer}, {rcpt_host}, 
{rcpt_addr}
O Milter.macros.eom={msg_id}



From op.ps:
r Protocol used to receive the message. v The version number of the sendmail binary. 
Z  reserved for configuration file authors (here the cf version, defined in 
sendmail.cf)
b  The current date in RFC 822 format.
_  The validated sender address.
i  The queue id, e.g., "HAA12345".
j  The "official" domain name for this site.
s  Sender's host name (from HELO)
v  The version number of the sendmail binary.
{auth_type}     The mechanism used for authentication (only set if successful).
The idea is to fake up a Received header that would have been added by the local sendmail if the message went to local delivery instead of the milter first, since spamassassin gets some information from this - in particular, the last relay address (_) 

    assassin->output((string)
         "Received: from "+macro_s+" ("+macro__+")\r\n\t"+
         "(authentication "+macro_authtype+")\r\n\t"+
         "by "+macro_j+"("+macro_v+"/"+macro_Z+") with "+macro_r+" id 
"+macro_i+"\r\n\t"+
         macro_b+"\r\n\t"+
         "(envelope-from "+assassin->from()+"\r\n");
I had been having some trouble with people logging into sendmail from offsite; I wanted to whitelist them because they authenticated even though they might be on a dynamic ip, rfc-ignorant etc. 
I have in spamassasin local.cf :

header SMTP_AUTH2   Received =~ /authenticated bits=[\d].{1,80}by 
trmail.triumf.ca.{10,180}cipher/
score SMTP_AUTH2 -10
describe SMTP_AUTH2  Authenticated to trmail.triumf.ca

# magic string seen only by milter - not "authentication NONE"
header SMTP_AUTH3   Received =~ /authentication [^N][\w].{1,80}by 
trmail.triumf.ca/
score SMTP_AUTH3 -10
describe SMTP_AUTH3  Authenticated to trmail.triumf.ca

which I think does this (unless it's broken; I haven't checked recently)

--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376  (Pacific Time)
Network Security Manager
reply via email to
[Prev in Thread] Current Thread [Next in Thread]