Re: Exim, RBL/ORBS, fetchmail and POP3
On Thu, Dec 14, 2000 at 11:42:23PM -0600, Phil Brutsche wrote:
> > OK. Some excerpts from man fetchmail:
> >
> > > -Z nnn, --antispam nnn[,nnn[,nnn...]]
> > > (Keyword: antispam) Specifies the list of numeric
> > > SMTP errors that are to be interpreted as a spam-
> > ^^^^^^^^^^^^
> >
> > > block response from the listener. A value of -1
> > > disables this option. For the command-line option,
> > > the list values should be comma-separated.
Phil, Mark, thanks for the feedback. I appreciated it.
OK. Some quick reformulating/restatement of what I had said:
- fetchmail has the capability to kill/DELE/filter-out messages
*serverside* per the user's wishes. That we already know, see the
man page. That's why I'm so attracted to the 'possibility' that I
as a *POP3* user could also RBL kill my UCE/UBE serverside.
That's why the procmail solution is less fabulous! procmail will do
its thing only after I have downloaded =everything=.
- I'm not suggesting that we blackhole our loopback address. =) You
crazy guy, you, Phil. See below.
- fetchmail's man page is downright schizophrenic if that '-Z nnn'
doesn't apply to this discussion somehow more than merely
blacklisting MAIL FROM: or DATA lines,
I still don't know what a "DATA line" is? and how fetchmail will
use it for anti-spam detection? as it says it does. After all,
it's not "antispam"-ming itself! (Read, 127.0.0.x) And this DATA
line is where I had my best hope. See the man page.
Relatedly, I intentionally did not mention yesterday that -Z may be
strictly intended for IMAP use. (The man page quote I posted
yesterday was long, purposely. Toward the end of it
IMAP/headers-only/saving download time is mentioned explicitly.
The man page is muddled in this respect.) I wanted to hear, not be
heard.
With respect to how to do detect RBL messages, how about:
- fetchmail does for non-IMAP (read, POP3) poll sites a 'TOP # 0',
the pound sign being the message. You have email headers only now.
You're looking for Received: lines only! More specifically, you're
ignoring all Received: lines that you've told fetchmail are
harmless, e.g., your own machines or redirect hops, etc. These
should be known to you:
For example, my john@unixen.org address is redirected from
redir.gandi.net > att.net > localhost. I know this is always the
case. So the hop before redir.gandi.net is what would be
examined in my case. And nothing more.
Restated, the first unknown hop is what would be examined. And
nothing more. Then, is it that difficult to parse something like:
Received: from nyc.rr.com (nycsmtp3fb.rdc-nyc.rr.com
[24.29.99.80]) by redir.gandi.net (Postfix) with ESMTP id
1076B39659 for <john@unixen.org>; Fri, 15 Dec 2000 03:59:19
+0100 (CET)
and pick the contents of the []'s and do an rbl check on it. I
don't think this is against the UNIX way of do one thing well.
fetchmail already can do just this for IMAP users. And, POP3 users
are more numerous. Or a 3rd party patch solution is logical too.
> How to you propose that exim detect the spam?
See above.
> Yes, exim can give
> fetchmail a delivery failure response code, but you need need to get exim
> to figure out the IP of the mail server that had it two (or more - I have
> 4) hops ago.
Just the last unknown hop. See above.
> Last I checked exim isn't in the business of parsing
> people's email messages, just delivering/transferring them.
I'm suggesting that fetchmail do that in a simple way, as the tasks I
outlined above seem simple enough.
> Actually, I found the program I'm looking for - rblfilter. I put it up at
> http://tux.creighton.edu/~pbrutsch/rblfilter.tgz.
I believe that's the app with a very outdated (over a year old when I
looked at it several months ago) Web page. I took that to mean that the
author either had abanoned the project or it was very low priority. I
had seen the fetchmail antispam talk in its man page, and so I have
figured that fetchmail is a more fully functional solution.
As I am switching to Debian soon,
I have over the last several days asked for assistance in this list
regarding a pristine Debian install via PPP but I have received not
one solid/meaty response or follow through. *I'm very frustrated
regarding that.*
and I am using RHL6.1 for 6 months now, but I can't stand it any longer,
I haven't had the opportunity to try an RBL capable MTA such as Exim.
The sendmail I have needs patching, so I haven't bothered on this front
till now.
> That's why someone else suggested procmail... it can put suspected spams
> into their own folder, or delete them, etc.
It bothers me to no end to sit there and have to waste my bandwidth not
to mention my time, expending my patience waiting on UCE as well as my
mail. I have unlimited access, through a straw, but unlimited. What
about metered folks! I repeat myself, I can't believe that someone
hasn't bent ESR's ear (or another developer) about this one feature for
POP users. Or made it a patch for the multitude who would care.
> Upon taking my own jaunt through the fetchmail manpage fetchmail can call
> external programs (ie procmail, maildrop, /usr/lib/sendmail, etc) to do
> mail delivery. Combining fetchmail+<insert mda here>+rblfilter (and
> leaving exim out of the equation) will probably do what you want.
I always try to look for standard, major solutions but IF I have to go
elsewhere: What the f_ck in the end, ay?! =)
John
--
John Bacalle f./vm. +1 212 894 3778 x1057
(slrn:*v****:Tin) (Mutt:v*****:Pine) (GnuPG:v*****:PGP) (GNU:v*****:OSI) N
I'm selling several new MCSE and Red Hat books at a discount. My reef Y
aquarium and equipment as well: <http://www.unixen.org/sale-main.html> C
Reply to: