#!/bin/sh # 20040508 _M Modified for snfrv2r3 release. # 20040102 _M Modified for snfrv2r2 release. # Also improved file collision avoidance using DATE functions. # 20021204 _M Modified for sniffer2 release. No other changes. # sniffer - 20021106 _M ############################################## # # This script is a template for using SortMonster's Message Sniffer # on Postfix systems. It is derived from the FILTER_README distributed # with Postfix. # # This script accepts the message, writes it to a file, scans it with # the sniffer utility, and then delivers the message if there is no # pattern match. If a pattern match is found then there are a number # of options included in this script. # # The default action is to write a header to the message indicating # the symbol for the pattern match. # # In practice, the system administrator should adjust this script to # interpret the response from sniffer and take some appropriate action. # In that respect, this script is only a good starting point. # # ###################################################################### # Localize the inspection directory, sniffer installation, and # sendmail command. It is VITAL that the sniffer utility is named with # a .exe extension so that it can rewrite it's file name to produce it's # log file and to read it's rule file. Both of those must be in the same # directory along with the binary. INSPECT_DIR=DATADIR/PACKAGE_NAME SNIFFER_EXE=PREFIX/sbin/SNFClient SENDMAIL="/usr/sbin/sendmail -G -i" MSGFILE=$INSPECT_DIR/`date +%Y%m%d%H%M%S`_$$_$RANDOM.msg # Define Exit codes from EX_OK=0 EX_TEMPFAIL=75 EX_UNAVAILABLE=69 # Clean up when when aborting. trap "rm -f $MSGFILE*" 1 2 3 15 # Move to our filter directory where we perform our inspections. cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; } # Copy the message to a temp file for processing. cat > $MSGFILE || { echo Cannot save mail to file; exit $EX_TEMPFAIL; } # Now that we have the message as a file we can process it with # Message Sniffer. The sniffer utility will return a nonzero value if # it finds a pattern match. $SNIFFER_EXE $MSGFILE || { # If we're here, we know sniffer found a match. So, what do we do? ################################################################## # # # *ONE* OF THE FOLLOWING BLOCKS MUST BE UNCOMMENTED. THE DEFAULT # # IS THE MESSAGE HEADER BLOCK. # # # ################################################################## #### Uncomment this section to reject (bounce) the message. # # echo Message content rejected, symbol = $?; # rm -f $MSGFILE*; # exit $EX_UNAVAILABLE; #### Uncomment this section to eat the message. # # echo Message content destroyed, symbol = $?; # rm -f $MSGFILE* # exit $EX_OK; #### Uncomment this section to hold the message for review. # # echo Message Content Held For Review, symbol = $?; # exit $EX_OK; #### Uncomment this section to add a header to the message. echo X-SortMonster-Msg-Sniffer-Match: Symbol-$? > $MSGFILE.x; cat $MSGFILE.x $MSGFILE > $MSGFILE.y; $SENDMAIL "$@" < $MSGFILE.y; rm -f $MSGFILE*; exit $EX_OK; # NOTE: The value returned by the sniffer program is an integer # representing the rule/group that was matched. That value may be # any integer from 1 through 64. The value is derived from the # matching rule's symbol (mod 64)+1. The actual symbol will be # accurately recorded in the log file. This is a correction from # the demo version which uses an older code base. } # At this point we want to deliver the message as-is. We reinject # the message with our sendmail command and then clean up our temp # file(s). $SENDMAIL "$@" < $MSGFILE rm -f $MSGFILE* exit $?