Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Server wide spam stop with qmail

by Juerd (Abbot)
on Jan 04, 2003 at 01:41 UTC ( [id://224169]=CUFP: print w/replies, xml ) Need Help??

I spent the past few days looking for a good way to implement spamassassin server wide. Most solutions involve creating a .qmail files for all virtual users, but I don't like that. There's qmail-scanner that can use spamassassin to tag messages, but does not stop spam delivery. Local users benefit from /etc/procmailrc, but virtual users cannot.

To make things even worse, I don't want to stop spam, but deliver it to a mailbox that I can review to see if my spamassassin settings are correct.

After hours of searching and not finding anything that did what I want, I hacked up this little script that does exactly what I want. Perl's just the glue that holds things together, but I couldn't find strong glue like this elsewhere. 

#!/usr/bin/perl
 
# Server wide spam stopper for qmail, second version.
# Meant to be used with qmail-qfilter and spamassassin.
# Does not require or use procmail.
# Use at your own risk. Sysadmin skills are required.
# Made by Juerd Waalboer.
  
# In tcpserver configuration or init.d/qmail
# QMAILQUEUE=/path/to/somefilter
#
# #!/bin/sh
# # This is /path/to/somefilter
# exec /path/to/qmail-qfilter \
#     /path/to/spamc -- \
#     /path/to/thisscript -- \  # This Perl script
#     /path/to/qmail-inject -n

use strict; 
use Sys::Hostname qw(hostname);
use Time::HiRes qw(gettimeofday);
use Fatal qw(open close link unlink);

my $maildir = '/var/spam';  # Maildir to store spam in.

my $spam = 0;
my $headers = '';

while (<>) {
    /^$/ and do {
        $/ = \65536;
        if ($spam > 0) {
            my $tph = join '.',
                time(), "$$\_".(gettimeofday)[1],  hostname();
            open my $fh, ">$maildir/tmp/$tph";
            print $fh $headers, $_;
            print $fh $_ while <>;
            close $fh;
            chmod 0660, "$maildir/tmp/$tph";
            link "$maildir/tmp/$tph", "$maildir/new/$tph";
            unlink "$maildir/tmp/$tph";
            exit 99;  # "Succesful", but don't deliver
        } else {
            print $headers, $_;
            print while <>; 
            exit 0;  # Deliver it
        }
    };
    /^X-Spam-Flag: YES/ and $spam++;
    $headers .= $_;
}

[download]

- Yes, I reinvent wheels.
- Spam: Visit eurotraQ.

Replies are listed 'Best First'.
Re: Server wide spam stop with qmail
by ask (Pilgrim) on Jan 04, 2003 at 04:54 UTC
    Somewhat related, you might be interested in qpsmtpd.

    "qpsmtpd is a qmail-smtpd replacement written in perl. The new features over the normal qmail-smtpd are primarily tools to avoid accepting mails we have to bounce anyway and a object oriented system for easily writing extension plugins." It includes a spamassassin plugin.

    - ask 

    -- 
ask bjoern hansen, http://www.askbjoernhansen.com/   !try; do();
[reply]
Re: Server wide spam stop with qmail
by Aristotle (Chancellor) on Jan 04, 2003 at 03:50 UTC
    You can greatly simplify this by playing with the record separator. Something like the following: 
    #!/usr/bin/perl -w
use strict; 
use Sys::Hostname qw(hostname);
use Time::HiRes qw(gettimeofday);
use Fatal qw(open close link unlink);

use constant FORWARD => 0;
use constant SUCCESS_DONTFORWARD => 99;

my $maildir = '/var/spam';  # Maildir to store spam in.

{
    local $/ = "\n\n";
    $_ = <>;

    undef $/
    my $body = <>;
}

exit !/^X-Spam-Flag:\s+YES/m
    ? print($_, $body), FORWARD
    : do {
        my $tph = join ".",
            time(), "$$\_".(gettimeofday)[1],  hostname();

        my $temp = "$maildir/tmp/$tph";
        umask 007; # Name's Bond..
        {
            open my $fh, ">", $temp;
            print $fh $_, $body;
        }

        link $temp, "$maildir/new/$tph";
        unlink $temp;

        SUCCESS_DONTFORWARD;
    };

    [download]
    Untested..

    Makeshifts last the longest.

[reply]
[d/l]

      undef $/ my $body = <>;

      E-Mail can be very large. Body includes attachments, so I prefer being slow over using a lot of memory. 

      - Yes, I reinvent wheels.
- Spam: Visit eurotraQ.

[reply]
        Ah, good point. In that case you might consider using, say, $/ = \32768; to read 32k chunks while printing the body - gets rid of the useless end-of-line scanning overhead.

        Makeshifts last the longest.

[reply]

Back to Cool Uses for Perl

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: CUFP [id://224169]
Approved by Aristotle
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others romping around the Monastery: (6)
As of 2024-04-25 18:06 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found