alterMIME

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

alterMIME

Joe Acquisto-j4
Any chance of assistance here with alterMIME?    There is a need to add disclaimers to outgoing mail.

I have it configured (one supposes) to be complaint free on restart of postfix and can see from /var/log/mail that is does act on the specific email addresses (senders) that I intended.  At least it was processed by "filter".     I am a bit puzzled that "relay" shows as "filter" for all users.   But mail does ultimately deliver via the normal route

However, the received mail does not actually contain the disclaimer message.     Google has not been my friend today with no results that seem to apply.



Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

@lbutlr
On 22 Aug 2016, at 14:14, Joe Acquisto-j4 <[hidden email]> wrote:
> There is a need to add disclaimers to outgoing mail.

Just as a point of information, I consider mail with attached disclaimers to be spam and classify them as such.

I used to post all the “Warning, this email is confidential” emails to a public web server.


Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Joe Acquisto-j4
>>> On 8/22/2016 at 7:31 PM, in message
<[hidden email]>, "@lbutlr"
<[hidden email]>
wrote:
> On 22 Aug 2016, at 14:14, Joe Acquisto-j4 <[hidden email]>
wrote:
>> There is a need to add disclaimers to outgoing mail.
>
> Just as a point of information, I consider mail with attached
disclaimers to
> be spam and classify them as such.
>
> I used to post all the “Warning, this email is confidential”
emails to a
> public web server.

Thanks for sharing.


Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Bill Cole-3
In reply to this post by Joe Acquisto-j4
On 22 Aug 2016, at 16:14, Joe Acquisto-j4 wrote:

> Any chance of assistance here with alterMIME?

A slim chance, but it's worth a shot...

> There is a need to add disclaimers to outgoing mail.

Someone won't listen to reason, huh? That's unfortunate.

You might try pointing them at
http://apps.americanbar.org/litigation/committees/technology/articles/winter2013-0213-do-email-disclaimers-really-work.html 
but only you can judge whether pushing back is a better or worse
strategy in your circumstance than just doing a small bit of useless
work.

> I have it configured (one supposes) to be complaint free on restart of
> postfix and can see from /var/log/mail that is does act on the
> specific email addresses (senders) that I intended.  At least it was
> processed by "filter".     I am a bit puzzled that "relay" shows as
> "filter" for all users.   But mail does ultimately deliver via the
> normal route

Evidence of what exactly this all means would help make it easier to
help. I'd bet that most people here don't use alterMIME, but that's not
entirely dooming: many of us use tools that modify mail as it passes
through Postfix and generally speaking that works in a limited number of
ways. The fact that you're trying to use alterMIME specifically is not
as important as how you have configured Postfix to use it, what your log
is actually saying about the handling of messages, and what the raw
input and output messages look like.

> However, the received mail does not actually contain the disclaimer
> message.     Google has not been my friend today with no results that
> seem to apply.

Based on these being the top "how to" hits for altermime disclaimers:

https://www.howtoforge.com/how-to-automatically-add-a-disclaimer-to-outgoing-emails-with-altermime-postfix-on-debian-squeeze
https://www.gypthecat.com/how-to-add-different-disclaimers-using-altermime-and-postfix-based-on-domain

I'm guessing that you're using a similar setup: a script run as a pipe
transport due to a  content_filter directive in the smtpd line in
master.cf, which runs altermime on messages selectively and reinjects
them with sendmail. That's a bit inflexible and inefficient, but I guess
it would be OK for very modest volume and not needing the disclaimer on
mail generated on the server itself. That approach pipes *all* mail
arriving by SMTP into the filter script, avoiding loops because local
'sendmail' submission doesn't use SMTP. This would explain why your log
shows all mail going to "filter".

Assuming that guess is correct...  I'd start by making sure that the
script that runs altermime is run by a user that can write to wherever
it tries to do its work. Once you confirm this isn't a permissions
problem (which I expect because that would likely cause no delivery at
all,) add diagnostic lines to the script so you can see what exactly it
is actually doing when it runs.

And for what it's worth: if you really must do this, consider using a
better tool. One option: the MIMEDefang milter. MIMEDefang is maybe
overkill if this is just an outbound system and you don't need robust
filtering capabilities, but it is a mature, actively maintained, and
well-documented piece of software that can manipulate MIME messages
correctly, including adding silly disclaimers selectively without
damaging message structure. As a milter, it acts on a message as it
passes through a Postfix smtpd process rather than as a next hop
transport and Postfix can be configured to also use it for non-SMTP
injections. There may be other milters available strictly for adding
disclaimers, but I'm not aware of any.
Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Joe Acquisto-j4
>>> On 8/23/2016 at 1:16 AM, in message
<[hidden email]>, "Bill Cole"
<[hidden email]> wrote:
> On 22 Aug 2016, at 16:14, Joe Acquisto-j4 wrote:
>
>> Any chance of assistance here with alterMIME?
>
> A slim chance, but it's worth a shot...
>
>> There is a need to add disclaimers to outgoing mail.
>
> Someone won't listen to reason, huh? That's unfortunate.

Yes.   Sad how common that is these days.

> You might try pointing them at
> http://apps.americanbar.org/litigation/committees/technology/articles/winter 
> 2013-0213-do-email-disclaimers-really-work.html
> but only you can judge whether pushing back is a better or worse
> strategy in your circumstance than just doing a small bit of useless
> work.

"You can lead a horse to water . . . "  
 

>> I have it configured (one supposes) to be complaint free on restart of
>> postfix and can see from /var/log/mail that is does act on the
>> specific email addresses (senders) that I intended.  At least it was
>> processed by "filter".     I am a bit puzzled that "relay" shows as
>> "filter" for all users.   But mail does ultimately deliver via the
>> normal route
>
> Evidence of what exactly this all means would help make it easier to
> help. I'd bet that most people here don't use alterMIME, but that's not
> entirely dooming: many of us use tools that modify mail as it passes
> through Postfix and generally speaking that works in a limited number of
> ways. The fact that you're trying to use alterMIME specifically is not
> as important as how you have configured Postfix to use it, what your log
> is actually saying about the handling of messages, and what the raw
> input and output messages look like.
>
>> However, the received mail does not actually contain the disclaimer
>> message.     Google has not been my friend today with no results that
>> seem to apply.
>
> Based on these being the top "how to" hits for altermime disclaimers:
>
> https://www.howtoforge.com/how-to-automatically-add-a-disclaimer-to-outgoing-emails-w 
> ith-altermime-postfix-on-debian-squeeze
> https://www.gypthecat.com/how-to-add-different-disclaimers-using-altermime-and-postf 
> ix-based-on-domain

Those were my "templates".   I had to dig a bit deeper to get this far.

> I'm guessing that you're using a similar setup: a script run as a pipe
> transport due to a  content_filter directive in the smtpd line in
> master.cf, which runs altermime on messages selectively and reinjects
> them with sendmail. That's a bit inflexible and inefficient, but I guess
> it would be OK for very modest volume and not needing the disclaimer on
> mail generated on the server itself. That approach pipes *all* mail
> arriving by SMTP into the filter script, avoiding loops because local
> 'sendmail' submission doesn't use SMTP. This would explain why your log
> shows all mail going to "filter".
> Assuming that guess is correct...  

It is.

>I'd start by making sure that the
> script that runs altermime is run by a user that can write to wherever
> it tries to do its work. Once you confirm this isn't a permissions
> problem (which I expect because that would likely cause no delivery at
> all,) add diagnostic lines to the script so you can see what exactly it
> is actually doing when it runs.
>
> And for what it's worth: if you really must do this, consider using a
> better tool. One option: the MIMEDefang milter. MIMEDefang is maybe
> overkill if this is just an outbound system and you don't need robust
> filtering capabilities, but it is a mature, actively maintained, and
> well-documented piece of software that can manipulate MIME messages
> correctly, including adding silly disclaimers selectively without
> damaging message structure. As a milter, it acts on a message as it
> passes through a Postfix smtpd process rather than as a next hop
> transport and Postfix can be configured to also use it for non-SMTP
> injections.

That may be best.  I was put off by alterMIME, last touched in 2008 or so,
but there was precious little else I could find.   Overkill is OK as long as it
stays dead.

I was concerned about "volume" as there are occasional "blasts" of messages that forced me to tinker
so mail flowed through faster.

>There may be other milters available strictly for adding
> disclaimers, but I'm not aware of any.

I sure did not find any.   Thanks for your thorough response.   The MIMEDefang suggestion I will
definitely follow up on.  

Well, off to the sulphur mines.
Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Lucius Rizzo
In reply to this post by Joe Acquisto-j4
On Mon, Aug 22, 2016 at 04:14:31PM -0400, Joe Acquisto-j4 wrote:
> Any chance of assistance here with alterMIME?    There is a
> need to add disclaimers to outgoing mail.

I looked into altermime a few years ago. It works well with sendmail
(our preferred mta).

In one case, we choose to leave it to Barracuda Cloud Control [1] to
do this. Barracuda cloud spam/anti-virus also allows you to set
disclaimers. Its fairly easy to do to based on recipients or
outgoing mail. This does however pose challenge for DKIM signed mail
as barracuda modifies the message and your DKIM will fail. More and more
hosts these reject invalid emails.

I cannot praise Barracuda enough. Its absolutely necessary if you run a
busy MTA these days and have not given up control to Office365,Google :)

Again altermime with sendmail which also does DKIM signing works.
Another program that does this MimeDefang.

Hope that helps.

[1] - Demo - https://community.barracudanetworks.com/

signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Alex JOST-2
Am 23.08.2016 um 14:29 schrieb Lucius Rizzo:

> I cannot praise Barracuda enough. Its absolutely necessary if you run a
> busy MTA these days and have not given up control to Office365,Google :)

I have seen Barracudas rejecting empty envelope senders. I wouldn't
praise such a system.

--
Alex JOST
Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Tanstaafl
On 8/24/2016 4:33 AM, Alex JOST <[hidden email]> wrote:
> Am 23.08.2016 um 14:29 schrieb Lucius Rizzo:
>
>> I cannot praise Barracuda enough. Its absolutely necessary if you run a
>> busy MTA these days and have not given up control to Office365,Google :)
>
> I have seen Barracudas rejecting empty envelope senders. I wouldn't
> praise such a system.

As with most things, it depends on the one managing it.

I've never used one, but I have read much leading me to believe that
while Barracuda's don't have the best default settings out of the box,
they can be configured to do the right thing.
Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

@lbutlr
In reply to this post by Lucius Rizzo
On 23 Aug 2016, at 06:29, Lucius Rizzo <[hidden email]> wrote:
> I cannot praise Barracuda enough. Its absolutely necessary if you run a
> busy MTA these days and have not given up control to Office365,Google :)

I’ve had many issues with Barracuda over the years and would never recommend them. They joined my permanent shitlist when they offered to remove my mail server from their blacklist if I paid them $395 a year, I think it was.

That is not the only issue, but that is the one that caused them to be permanently blackballed.

Reply | Threaded
Open this post in threaded view
|

Re: alterMIME

Lucius Rizzo
Hello,

On Sat, Aug 27, 2016 at 10:40:31AM -0600, @lbutlr wrote:
> On 23 Aug 2016, at 06:29, Lucius Rizzo <[hidden email]> wrote:
> > I cannot praise Barracuda enough. Its absolutely necessary if you run a
> > busy MTA these days and have not given up control to Office365,Google :)
>
> I’ve had many issues with Barracuda over the years and would never recommend
> them. They joined my permanent shitlist when they offered to remove my mail server
> from their blacklist if I paid them $395 a year, I think it was.

Odd. And interesting. This sounds like extortion. And needs a bit
more details perhaps...

I have worked with their solutions since 2004 and have used both their appliance
and cloud offerings at multiple sites with ^fairly^ large email volumes. Even as mail
communication has shifted to IMs and such, I still regularly recommend them in other
consultant work.  I also use Dyn's Transactional email service along side Office 365
Enterprise on a daily basis.

In my "many" years experience with Barracuda, I have seen odd things --
misconfigured appliances, misconfigured cloud settings etc. Never what you
report, however. Even when dealing with their support teams, I have had a pretty
reasonable and decent experience.

Are you a referring to being including in their RBL's --
called BRBL and BRTS or are you actually using any of their product?

I rather prefer their RBLs over say zen.spamhaus.org. We suffered a
dDOS of virus laden PDF's a few weeks ago. Roughly 250,000 emails in half hour
that went on for a bit. This was successfully managed by Barracuda without
any signs on our downstream  mail servers.

Would you happen to have the reasons of what happened and any communications
regarding this? More details would be useful as to what happened.

> That is not the only issue, but that is the one that caused them to be
> permanently blackballed.

What are the other specific issues?

Sincerely,

LR

Please Note - I do ^not^ work for Barracuda.

signature.asc (836 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

was - ? Re: alterMIME

Joe Acquisto-j4
Perhaps it's time to change the subject line?

Reply | Threaded
Open this post in threaded view
|

Re: was - ? Re: alterMIME

Lucius Rizzo
On Sun, Aug 28, 2016 at 02:49:35PM -0400, Joe Acquisto-j4 wrote:
> Perhaps it's time to change the subject line?

I waited long enough to respond. No mail was blocked by barracuda as
well. From what I can see -- along with rather colourful, somewhat odd
choice of words to descibe barracuda service, I suspect any concerns are
probably from a possible spammer and not a legitimate user of Barracuda.

So, I reaffirm my stance on supporting a rather useful solution.
>

signature.asc (836 bytes) Download Attachment