From owner-freebsd-ports@FreeBSD.ORG Wed Sep 27 15:29:45 2006 Return-Path: X-Original-To: freebsd-ports@freebsd.org Delivered-To: freebsd-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8AA6716A8B8 for ; Wed, 27 Sep 2006 15:29:45 +0000 (UTC) (envelope-from mike@skew.org) Received: from chilled.skew.org (chilled.skew.org [70.90.116.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id 35C4343D98 for ; Wed, 27 Sep 2006 15:29:36 +0000 (GMT) (envelope-from mike@skew.org) Received: from chilled.skew.org (localhost.skew.org [127.0.0.1]) by chilled.skew.org (8.13.6/8.13.6) with ESMTP id k8RFTLmF023925; Wed, 27 Sep 2006 09:29:22 -0600 (MDT) (envelope-from mike@chilled.skew.org) Received: (from mike@localhost) by chilled.skew.org (8.13.6/8.13.6/Submit) id k8RFTK92023924; Wed, 27 Sep 2006 09:29:20 -0600 (MDT) (envelope-from mike) From: Mike Brown Message-Id: <200609271529.k8RFTK92023924@chilled.skew.org> In-Reply-To: <4519B09B.7050809@ebit.com.au> To: Chris Martin Date: Wed, 27 Sep 2006 09:29:20 -0600 (MDT) X-Whoa: whoa. X-Mailer: ELM [version 2.4ME+ PL122g (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="UTF-8" Cc: freebsd-ports@freebsd.org Subject: Re: milter-regex doesn't seem to be miltering! X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Sep 2006 15:29:45 -0000 Chris Martin wrote: > I am trying to use milter-regex to pre-sort e-mail/spam before passing > it on to clamav and spamassassin, but it doesn't seem to be working. > > Here are my first, slightly lame, rules: > > reject "Spam not welcome" > header /Subject:/ /\b(PHA)+([a-zA-Z]+(RMA))\b/ > > reject "Spam not welcome" > header /Subject:/ /\b(PHA)+([a-zA-Z]+(RMACY))\b/ > > discard > header /Subject:/ /TESTSTRING45819203/ This isn't really the place to ask about it, but there's not really a better forum, either. Maybe freebsd-questions. Anyway, lots of things could be going wrong. First, the obvious: is milter-regex running? # ps -auwwx | fgrep milter mailnull 34677 0.0 1.3 14772 6800 ?? Ss 28Aug06 38:12.65 /usr/local/libexec/milter-regex -c /usr/local/etc/milter-regex.conf Did you follow the instructions in the port's pkg-install to set it up to start at boot time? It involves editing /etc/rc.conf.local (or rc.conf) and /etc/rc.local. Did you set up logging? Make sure your /etc/syslog.conf contains lines like the following: *.=debug /var/log/debug.log !milter-regex daemon.err;daemon.notice /var/log/maillog and then 'kill -HUP `cat /var/run/syslog.pid`'. Now you should get copious logs to look at. If your milter-regex.conf has errors, you should see a message about it in maillog. In debug.log you should see everything the milter is processing, up to the point where a rule is matched. I like to tail -f my debug.log sometimes and see what gets through, and make sure I don't have any false positives. You might want to take a look at my milter-regex.conf: http://skew.org/~mike/milter-regex.conf In any case, you definitely have problems with your regexes. milter-regex uses basic POSIX regular expressions by default, but you're using "+" to mean 1-or-more, so you need to append an "e" to the end to flag it as an 'extended' POSIX regex. Your "\b" is presumably meant to be a word boundary, but that's a feature of Perl-compatible regexes, not POSIX, so get rid of those. Also, I'm not sure about what you're trying to match. (PHA)+ would match one or more "PHA"s. The parentheses in ([a-zA-Z]+(RMA)) are not doing anything but wasting memory; [a-zA-Z]+RMA would mean the same thing, matching 1 or more a-z (case insensitive) followed by "RMA". If you want the "CY" at the end to be optional, you'd add "(CY)?" instead of creating a new regex for it. The colon isn't included in the header that gets tested, so you'll never match with "Subject:". You want "Subject". But I prefer "^Subject$" because it ensures that it matches only "Subject" and not something like "X-Original-Subject". Finally, if you have multiple rules, you can put them together under one "reject" line. Again, see my milter-regex.conf for examples, and take note of the comments therein... For example, I'm doing a lot of "reject"ing but ultimately I think I want discard spam, not reject it, in order to avoid having the sending system generate a bounce that goes to the poor soul whose email was used as the return address. Mike