Re: Exim, RBL/ORBS, fetchmail and POP3
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
> Are you absolutely sure? I ask because the fetchmail man page makes it
> sound like it can do just that.
Pretty sure - exim (at least on my computer) gets mail from fetchmail via
127.0.0.1. Considering that's where exim considers 127.0.0.1 to be the
source of the spam I don't think it'll work to blackhole 127.0.0.1 :)
I'm trying to say that the spam detection wouldn't happen at the point
where exim gets the mail from fetchmail but rather during the stage where
exim would be processing the email in .forward - hence someone else's
suggestion to use procmail.
> > Obviously the answer (to me, at least :) is to detect if the mail message
> > was delivered to your ISP via an open relay.
>
> Yes, Exim has rbl functionality.
But of course. I use it on servers (like tux.creighton.edu) directly
connected to the internet.
But exim's rbl functionality is useless when the messages are coming from
127.0.0.1.
> OK. Some excerpts from man fetchmail:
>
> > -Z nnn, --antispam nnn[,nnn[,nnn...]]
> > (Keyword: antispam) Specifies the list of numeric
> > SMTP errors that are to be interpreted as a spam-
> ^^^^^^^^^^^^
>
> > block response from the listener. A value of -1
> > disables this option. For the command-line option,
> > the list values should be comma-separated.
Interesting; hadn't thought of that route.
How to you propose that exim detect the spam? Yes, exim can give
fetchmail a delivery failure response code, but you need need to get exim
to figure out the IP of the mail server that had it two (or more - I have
4) hops ago. Last I checked exim isn't in the business of parsing
people's email messages, just delivering/transferring them.
[snip]
> > If you search freshmeat.net I think you'll find one program that does so
> > (I don't recall what it's called), but I havent' yet found a way to make
> > it work nicely with exim's filtering language, which I rely on to filter
> > my email.
Actually, I found the program I'm looking for - rblfilter. I put it up at
http://tux.creighton.edu/~pbrutsch/rblfilter.tgz.
> This fetchmail/MTA/RBL thing seems so natural to me that I can't believe
> it hasn't been done, or is being done for POP3 users.
Yes, it does seem natural. But you run into the following problem: how
does the MTA determine what's spam and what isn't? A neural-net heuristic
examining the text of the message? (seriously. someone wrote one, but it
depends on java which shrinks my interest quite a bit...)
That's why someone else suggested procmail... it can put suspected spams
into their own folder, or delete them, etc.
Upon taking my own jaunt through the fetchmail manpage fetchmail can call
external programs (ie procmail, maildrop, /usr/lib/sendmail, etc) to do
mail delivery. Combining fetchmail+<insert mda here>+rblfilter (and
leaving exim out of the equation) will probably do what you want.
- --
- ----------------------------------------------------------------------
Phil Brutsche pbrutsch@tux.creighton.edu
GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D 7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE6Oa9C/ZTSZFDeHPwRAipcAJ4j827P3Q5HgeCutcLpK2GDBaUmIQCfUez0
NNOHAD0+IAZLv/woJQHvzk8=
=HdPX
-----END PGP SIGNATURE-----
Reply to: