[Esd-l] NONOTIFY not honored

John D. Hardin jhardin at impsec.org
Fri Jan 30 21:38:48 PST 2004

On Fri, 30 Jan 2004, Smart,Dan wrote:

> I clean up my local-rules file with no notify line, but it is
> still notifying...

{rereads code rather than answering off-the-cuff}

Oops. Sorry. The logic surrounding notification is complex and needs
to be simplified. Here's the poop:

NOTIFY, QUARANTINE and DISCARD will all cause notification.

NONOTIFY will suppress admin notification, but does not affect sender
or recipient notification.

So to quietly quarantine a message, you need to do this ugly hack:

  * rules
    # Suppress sender notification
    # Suppress recipient notification

    :0 hfi
    | formail -A "X-Content-Security: [$HOST] NONOTIFY" \
              -A "X-Content-Security: [$HOST] QUARANTINE" \
              -A "X-Content-Security: [$HOST] REPORT: whatever"

in the NONOTIFY header to not bother the admin. Nobody should be
notified. If you're doing this a lot, you might want to put the action
part in an include rule and get the reason from an environment
variable. Then you can do something easy to type and understand like:

  * rules
    REASON="NovArg worm"

If you want to silently discard the message, you can just:

  * rules
     LOG="Tossing message for {reason}"


...and save all the sanitizer's handling processing and notification 

 John Hardin KA7OHZ    ICQ#15735746    http://www.impsec.org/~jhardin/
 jhardin at impsec.org                        pgpk -a jhardin at impsec.org
 key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never
  does quite what I want. I wish Christopher Robin was here."
				-- Peter da Silva in a.s.r
   64 days until the Slovakian Presidential Election

More information about the esd-l mailing list