The 03.09.04 at 18:06, Togan Muftuoglu wrote:
/(filename|name)=".*\.(pif)"/ REJECT
I am using DISCARD which silently throws away the email no bounce
messages to anyone :-)
Mmmm... I didn't see that one. Ah, found it in sample-filter.cf:
# DISCARD [optional text...]
# Claim successful delivery and silently discard the message.
# The matched header is logged with the optional text.
There is a "but", then. From that doc, fetchmail is not informed, and will
keep downloading it, wasting my good bandwidth and connection time. In my
case, I prefer reject, which stops fetchmail in mid track.
Discard may be useful with a permanent network connection, but not a
limited bandwidth modem connection, paying by the minute to the phone
company.
The sequence is this:
Fetchmail starts downloading a message - watch the from ;-) I have
obscured the "victim":
Sep 4 19:58:10 nimrodel fetchmail[3924]: POP3> RETR 75
Sep 4 19:58:10 nimrodel fetchmail[3924]: POP3< +OK 101132 bytes
Sep 4 19:58:10 nimrodel fetchmail[3924]: reading message XXXXXX@xxx.tiscali.es:75 of 81 (101132 octets)
smtp connection to postfix opened, fetch starts:
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP> MAIL FROM: SIZE=101132
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP> RCPT TO:
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP> DATA
Sep 4 19:58:11 nimrodel fetchmail[3924]: SMTP< 354 End data with <CR><LF>.<CR><LF>
Postfix, which was called by fetchmail, detects the header, and rejects
it, within one second:
Sep 4 19:58:11 nimrodel postfix/cleanup[3942]: 1E6ECCAA36: message-id=<3EF2DB990085B00F@pop4.es.tisadm.net> (added by postmaster@nettmail.tiscalinet.es)
Sep 4 19:58:11 nimrodel postfix/cleanup[3942]: 1E6ECCAA36: reject: header Content-Type: application/octet-stream;??name="movie0045.pif" from localhost[127.0.0.1]; from= to= proto=ESMTP helo=<localhost>: Message content rejected
Sep 4 19:58:11 nimrodel postfix/local[4758]: 88386CAA22: to=, relay=local, delay=0, status=bounced (unknown user: "fetchmail-daemon")
(The last line refers to another email, they are interleaved; I have just
added "fetchmail-daemon: postmaster" to my "/etc/aliases", so that I get
the bounce-bounced: I'm curious)
14 seconds later, fetchmail stops downloading it; that's about 55 Kbytes
maximum (the payload has a hundred). I'm not fully sure how much it has
downloaded, but I would prefer it to act faster.
Sep 4 19:58:35 nimrodel fetchmail[3924]: SMTP>. (EOM)
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 550 Error: Message content rejected
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP error: 550 Error: Message content rejected
Sep 4 19:58:36 nimrodel postfix/smtpd[3971]: connect from localhost[127.0.0.1]
And fetchmail now tries to generate a bounce mail, handed over to my
postfix daemon:
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 220 nimrodel.valinor ESMTP Postfix
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> HELO localhost
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 nimrodel.valinor
Sep 4 19:58:36 nimrodel postfix/smtpd[3971]: 0EB09CAA22: client=localhost[127.0.0.1]
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> MAIL FROM:
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> RCPT TO:
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> DATA
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 354 End data with <CR><LF>.<CR><LF>
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP: (bounce-message body)
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP>. (EOM)
Sep 4 19:58:36 nimrodel postfix/cleanup[3978]: 0EB09CAA22: message-id=<20030904175836.0EB09CAA22@nimrodel.valinor>
Sep 4 19:58:36 nimrodel postfix/qmgr[2842]: 0EB09CAA22: from=, size=1694, nrcpt=1 (queue active)
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 Ok: queued as 0EB09CAA22
Sep 4 19:58:36 nimrodel postfix/smtpd[3971]: disconnect from localhost[127.0.0.1]
And then fetchmail deletes the email from the server:
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> QUIT
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 221 Bye
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP listener refused delivery
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP> RSET
Sep 4 19:58:36 nimrodel fetchmail[3924]: SMTP< 250 Ok
Sep 4 19:58:36 nimrodel fetchmail[3924]: flushed
Sep 4 19:58:36 nimrodel fetchmail[3924]: POP3> DELE 75
Sep 4 19:58:36 nimrodel fetchmail[3924]: POP3< +OK message marked for deletion
And starts fetching the next one:
Sep 4 19:58:36 nimrodel fetchmail[3924]: POP3> RETR 76
Sep 4 19:58:36 nimrodel fetchmail[3924]: POP3< +OK 4272 bytes
Finally, postfix tries to send the bounce:
Sep 4 19:58:36 nimrodel postfix/smtpd[3949]: 873FDCAA31: client=localhost[127.0.0.1]
Sep 4 19:58:36 nimrodel postfix/cleanup[3942]: 873FDCAA31: message-id=<20030904175836.0EB09CAA22@nimrodel.valinor>
Sep 4 19:58:36 nimrodel postfix/qmgr[2842]: 873FDCAA31: from=, size=1917, nrcpt=1 (queue active)
Sep 4 19:58:36 nimrodel postfix/pipe[3943]: 0EB09CAA22: to=, relay=vscan, delay=0, status=sent (nimrodel.valinor)
And succeeds. See? Microsoft hasn't checked the sender domain ;-)
ps look to this site the contributions have a lot of UCE code :-)
http://www.hispalinux.es/%7Edata/postfix/
Not bad... But I prefer leaving my spam filtering to spamassassin - except
if they are big. I have some addresses blocked, and they keep trying.
--
Cheers,
Carlos Robinson