This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Attachment Stats

I am running version 5.5.9.388399 of Pure Message for unix and I have the following in my Policy.siv: pmx_attachment_log; It's the last statement before the closing } and it doesn't seem to be collecting anything because the report Attachment Sizes always shows No Data Available. Shouldn't I be seeing something in this report? Can I verify on the command line this is working? Thank you, Erric

This thread was automatically locked due to age.

Parents

0 whatever over 14 years ago
Hi Erric,
here's my Policy Layout
Mark the message if it comes from a backup-MX
check if the blocker doesn't like it (i accept all usernames for my domains) and if it doesn't, quarantine it
check for bounces
do the virus tests
log the attachments
# attr NAME=Attachment Test
if pmx_number_of_attachments :over 0 {
# attr NAME=Attachment Test 2
if pmx_attachment_size :over 2 {
pmx_mark "fn" "%%ATTACHMENT_NAMES%%";
}
pmx_attachment_log;
}
After that it's the regular white- and blacklists
And if the messages survives all that, it's accepted and delivered.
Sample Logline for a message with two attachments
first being an MP3, second being a PDF
2010-02-01T22:21:27 q=4B6745D0_7086_240280_1 f=<whatever@test.somewhere> t=<pmx@test.somewhere> Size=4649189 nixspam=false pmx_reason=?q?Opt_Out at=1,2667396,application/pdf at=1,4648561,multipart/mixed at=1,1980524,audio/mpeg at=1,2,text/plain b=ok s=Attachment_log_sample h=SXL_IP_DYNAMIC h=BODY_SIZE_10000_PLUS h=FORGED_MUA_OUTLOOK h=PDF_ATTACHED h=PDF_ATTACHED_2 h=PDF_ENCRYPT h=PDF_ENCRYPT_HASH h=RDNS_DYNAMIC h=RDNS_SUSP h=RDNS_SUSP_SPECIFIC h=TO_NO_NAME h=__CT h=__CTYPE_HAS_BOUNDARY h=__CTYPE_MULTIPART h=__CTYPE_MULTIPART_MIXED h=__HAS_MSGID h=__HAS_X_MAILER h=__MIME_VERSION h=__OUTLOOK_MUA h=__OUTLOOK_MUA_1 h=__RDNS_DYNAMIC_1 h=__SANE_MSGID h=__TO_MALFORMED_2 h=__USER_AGENT_MS_GENERIC h=__ix.dnsbl.manitu.net_ERROR fn=?q?Boomdeyada.mp3,_BC245XLTom=5FVA.pdf pmx_action=?q?keep,Opt_Out,-,pmx@test.somewhere,pmx@test.somewherevs p=0.269 fur=8.8.8.8 r=test.somewhere tm=7.31 a=a/eom
Hope that helps
:1063
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 whatever over 14 years ago
Hi Erric,
here's my Policy Layout
Mark the message if it comes from a backup-MX
check if the blocker doesn't like it (i accept all usernames for my domains) and if it doesn't, quarantine it
check for bounces
do the virus tests
log the attachments
# attr NAME=Attachment Test
if pmx_number_of_attachments :over 0 {
# attr NAME=Attachment Test 2
if pmx_attachment_size :over 2 {
pmx_mark "fn" "%%ATTACHMENT_NAMES%%";
}
pmx_attachment_log;
}
After that it's the regular white- and blacklists
And if the messages survives all that, it's accepted and delivered.
Sample Logline for a message with two attachments
first being an MP3, second being a PDF
2010-02-01T22:21:27 q=4B6745D0_7086_240280_1 f=<whatever@test.somewhere> t=<pmx@test.somewhere> Size=4649189 nixspam=false pmx_reason=?q?Opt_Out at=1,2667396,application/pdf at=1,4648561,multipart/mixed at=1,1980524,audio/mpeg at=1,2,text/plain b=ok s=Attachment_log_sample h=SXL_IP_DYNAMIC h=BODY_SIZE_10000_PLUS h=FORGED_MUA_OUTLOOK h=PDF_ATTACHED h=PDF_ATTACHED_2 h=PDF_ENCRYPT h=PDF_ENCRYPT_HASH h=RDNS_DYNAMIC h=RDNS_SUSP h=RDNS_SUSP_SPECIFIC h=TO_NO_NAME h=__CT h=__CTYPE_HAS_BOUNDARY h=__CTYPE_MULTIPART h=__CTYPE_MULTIPART_MIXED h=__HAS_MSGID h=__HAS_X_MAILER h=__MIME_VERSION h=__OUTLOOK_MUA h=__OUTLOOK_MUA_1 h=__RDNS_DYNAMIC_1 h=__SANE_MSGID h=__TO_MALFORMED_2 h=__USER_AGENT_MS_GENERIC h=__ix.dnsbl.manitu.net_ERROR fn=?q?Boomdeyada.mp3,_BC245XLTom=5FVA.pdf pmx_action=?q?keep,Opt_Out,-,pmx@test.somewhere,pmx@test.somewherevs p=0.269 fur=8.8.8.8 r=test.somewhere tm=7.31 a=a/eom
Hope that helps
:1063
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data