MDaemon Technologies, Ltd.

Vladimir

We need to use the content filter rules to prohibit the delivery of emails from mail addresses that do not belong to our mail domains (example.com , example.org ), up to some mailing lists (for example, all@example.com ). At the moment, we have used the following type of rules:
[Rule 005]
Rule Name=All
uid={d06f1798-42a4-459a-9447-235f1f90449c}
Enable=Yes
This Rule Condition=All
ProcessQueue=BOTH
Condition01=TO|contains|AND|all@example.com|
Condition02=FROM|does not contain|AND|example|
Action 01=move to public folders|"Bayesian Learning/Spam"

With this rule, we have moved emails from email addresses that do not contain a string with the name of our mail domain and must be delivered to mail lists. We are faced with the fact that this rule may not work.

Mon 2024-07-15 21:20:31.526: [49255345] <-- MAIL FROM:<filosofia@faculdadecatolicadaparaiba.edu.br> SIZE=20081 BODY=7BIT Mon 2024-07-15 21:20:31.526: [49255345] Performing PTR lookup (148.119.12.177.IN-ADDR.ARPA) Mon 2024-07-15 21:20:31.527: [49255345] * D=148.119.12.177.IN-ADDR.ARPA TTL=(1403) PTR=[faculdadecatolicadaparaiba.edu.br] Mon 2024-07-15 21:20:31.527: [49255345] * D=faculdadecatolicadaparaiba.edu.br TTL=(17) A=[177.12.119.148] Mon 2024-07-15 21:20:31.527: [49255345] ---- End PTR results Mon 2024-07-15 21:20:31.527: [49255345] Performing IP lookup (faculdadecatolicadaparaiba.edu.br) Mon 2024-07-15 21:20:31.528: [49255345] * D=faculdadecatolicadaparaiba.edu.br TTL=(17) A=[177.12.119.148] Mon 2024-07-15 21:20:31.528: [49255345] ---- End IP lookup results Mon 2024-07-15 21:20:31.528: [49255345] Performing SPF lookup (faculdadecatolicadaparaiba.edu.br / 177.12.119.148) Mon 2024-07-15 21:20:31.528: [49255345] * Policy (cache): v=spf1 mx ip4:177.12.119.148 -all Mon 2024-07-15 21:20:31.529: [49255345] * Evaluating mx: match Mon 2024-07-15 21:20:31.529: [49255345] * Result: pass Mon 2024-07-15 21:20:31.529: [49255345] ---- End SPF results Mon 2024-07-15 21:20:31.529: [49255345] --> 250 2.1.0 Sender OK Mon 2024-07-15 21:20:31.529: [49255345] <-- RCPT TO:<all@example.com> Mon 2024-07-15 21:20:31.543: [49255345] Производится поиск DNS-BL (177.12.119.148 – соединение с IP) Mon 2024-07-15 21:20:31.723: [49255345] * b.barracudacentral.org - прошло Mon 2024-07-15 21:20:32.432: [49255345] * rbl.rbldns.ru - прошло Mon 2024-07-15 21:20:32.432: [49255345] ---- Конечные результаты DNS-BL Mon 2024-07-15 21:20:32.432: [49255345] --> 250 2.1.5 Recipient OK Mon 2024-07-15 21:20:32.434: [49255345] <-- DATA Mon 2024-07-15 21:20:32.434: [49255345] --> 354 Enter mail, end with <CRLF>.<CRLF> Mon 2024-07-15 21:20:32.864: [49255345] Message size: 20080 bytes Mon 2024-07-15 21:20:32.877: [49255345] Performing DKIM verification Mon 2024-07-15 21:20:32.877: [49255345] * File: e:\mdaemon\queues\temp\md5001002554211.tmp Mon 2024-07-15 21:20:32.877: [49255345] * Message-ID: <230061694.52802.1721065400552.JavaMail.zimbra@faculdadecatolicadaparaiba.edu.br> Mon 2024-07-15 21:20:32.877: [49255345] * Result: neutral Mon 2024-07-15 21:20:32.877: [49255345] ---- End DKIM results Mon 2024-07-15 21:20:34.058: [49255345] Passing message through Outbreak Protection... Mon 2024-07-15 21:20:34.058: [49255345] * Message-ID: <230061694.52802.1721065400552.JavaMail.zimbra@faculdadecatolicadaparaiba.edu.br> Mon 2024-07-15 21:20:34.058: [49255345] * Reference-ID: str=0001.0A682F1D.66956871.0E24,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0 Mon 2024-07-15 21:20:34.058: [49255345] * Virus result: 0 - Clean Mon 2024-07-15 21:20:34.058: [49255345] * Spam result: 1 - Clean Mon 2024-07-15 21:20:34.058: [49255345] * IWF result: 0 - Clean Mon 2024-07-15 21:20:34.058: [49255345] ---- End Outbreak Protection results Mon 2024-07-15 21:20:34.274: [49255345] Создание сообщения successful: e:\mdaemon\queues\inbound\md5001012800458.msg Mon 2024-07-15 21:20:34.274: [49255345] --> 250 2.6.0 Ok, message saved <Message-ID: <230061694.52802.1721065400552.JavaMail.zimbra@faculdadecatolicadaparaiba.edu.br>> Mon 2024-07-15 21:20:34.274: [49255345] <-- QUIT Mon 2024-07-15 21:20:34.275: [49255345] --> 221 2.0.0 See ya in cyberspace Mon 2024-07-15 21:20:34.275: [49255345] SMTP session successful (Bytes in/out: 21483/4957)

In the content filter logs, the header "To" is empty, most likely it was sent to several addresses at once, including mail lists, since there are records with an empty "To" and with addressees, among which there was all@example.com , and the content filter did not work. The real mail domain has been replaced here with "example".

Mon 2024-07-15 21:20:37.649: Content Filter processing e:\mdaemon\queues\inbound\md5001012800458.msg...
Mon 2024-07-15 21:20:37.649: * Message return-path:
Mon 2024-07-15 21:20:37.649: * Message from: filosofia@faculdadecatolicadaparaiba.edu.br
Mon 2024-07-15 21:20:37.649: * Message to:
Mon 2024-07-15 21:20:37.649: * Message subject: [***SPAM*** Score/Req: 14.8/7.0] Срок действия пароля для электронной почты Zimbra скоро истекает с сегодняшнего дня
Mon 2024-07-15 21:20:37.649: * Message ID: <230061694.52802.1721065400552.JavaMail.zimbra@faculdadecatolicadaparaiba.edu.br>
Mon 2024-07-15 21:20:37.649: Start Content Filter results
Mon 2024-07-15 21:20:37.652: * Message matched rule: 33 "External sender WARNING RU" (Hits: 216443)
Mon 2024-07-15 21:20:37.668: * Action: HTML warning added to message
Mon 2024-07-15 21:20:37.671: * Matched 1 of 29 active rules
Mon 2024-07-15 21:20:37.671: End of Content Filter results

We tried to apply filters based on the X-MDMailing-List header, but this rule did not work when testing sending to mailing lists. Perhaps mdaemon adds this header after the initial processing by the content filter. Please explain where the content filter processes the email for the first time, if there are only two types of queues in the content filter itself - local and remote, and the email arrives initially in the inbox.

An example of a rule that does not work on the header X-MDMailing-List when sending an email from an external mail to a mailing list test2@example.com

[Rule040]
RuleName=Test2 (X-MDMailing-List)
uid={0a835b85-6d44-494d-a2ea-2b5de2271d98}
Enable=Yes
ThisRuleCondition=All
ProcessQueue=BOTH
Condition01=FROM|does not contain|AND|example|
Condition02=X-MDMAILING-LIST|contains|AND|test2@example.com|
Action01=move to public folders|"Bayesian Learning/Spam"

21
Posts

669
Views

A

Arron Admin Staff

7/22/24, 7:21 AM

Please upload a copy of your mdaemon.ini and everyone@example.com.grp files from the MDaemon\app directory. You can upload them to https://mdaemon.sharefile.com/r-rc3922c1eed334d4dbf5e34f0bd04ccd6

V

Vladimir

7/22/24, 7:45 AM

uploaded mdaemon.zip

A

Arron Admin Staff

7/22/24, 8:33 AM

Your lists are configured as private, so only list members should be able to post to them. Messages that are not from members of the list should not be getting posted to the list. If you are interested in looking into this, please upload the MSG file for a message that was sent to the list that should not have been along with all of the MDaemon logs for the day.

Looking at the settings you have configured, MDaemon is going to apply content filter rules before it creates copies for each member of the list. To adjust for messages that do not contain the list's email address in the To header change the rule to check the X-MDaemon-Deliver-To header. Your rule would look something like this:

[Rule 005]
Rule Name=All
uid={d06f1798-42a4-459a-9447-235f1f90449c}
Enable=Yes
This Rule Condition=All
ProcessQueue=BOTH
Condition01=X-MDAEMON-DELIVER-TO|contains|AND|all@example.com|
Condition02=FROM|does not contain|AND|example|
Action 01=move to public folders|"Bayesian Learning/Spam"

If you want a rule to look for the X-MDMailing-List header you would need to change the content filter processing to occur after individual messages are created. This will work, but would not be my first choice. I'd suggest adjusting your rule to look for the X-MDaemon-Deliver-To header or sending the additional information so we can try to figure out why this message is being allowed in the first place.

V

Vladimir

7/22/24, 8:46 AM

The X-MDAEMON-DELIVER-TO header contains a specific member of the mailing list, not the list itself, isn't that right? The eml file was uploaded as well.

A

Arron Admin Staff

7/22/24, 9:08 AM

The X-MDAEMON-DELIVER-TO header contains a specific member of the mailing list, not the list itself, isn't that right?

When the content filter is processing list mail before individual copies are created, the X-MDaemon-Deliver-To header does not contain the specific list member. In fact, it doesn't exist at all at this point. Sorry, the testing I did was not accurate.

After looking at the MSG file you uploaded, I also noticed that I requested the .grp file for the wrong list.

If you go to Setup / Mailing List Manager / all@example.ru / Setttings, is the box checked for "Refuse messages from non list members" ?

If its not, simply check the box, MDaemon should then require any messages posted to the list come from members of the list.

It looks like you may have lists as members of the all list, in which case you may need to add members to the lists so that any local users can post to it. You can do this by adding *@example.ru and/or *@example.com as post only members of the lists.

If the box is already checked, please upload a copy of the all@example.ru list along with all of MDaemon's logs that show the message being processed.

V

Vladimir

7/22/24, 9:30 AM

"Refuse messages from non list members" box unchecked.

all@ was given as an example, we cannot limit delivery in this way, since for example, a male employee from our domain will need to send an email to the WOMAN@ mailing list for all female employees.

The ALL@ mailing list, in turn, contains the lists MAN@, WOMAN@

You can do this by adding *@example.ru and/or *@example.com as post only members of the lists.

if you add to any mailing list of recipients with a substitution through the "*" character, this will not result in the delivery of emails sent to such a list to all accounts of the specified mail domains?

uploaded all@

A

Arron Admin Staff

7/22/24, 9:53 AM

if you add to any mailing list of recipients with a substitution through the "*" character, this will not result in the delivery of emails sent to such a list to all accounts of the specified mail domains?

When you add a member such as *@domain.com you must add them as a "Post Only" member of the list. This grants them the abiltiy to post to the list but it does not give them the ability to receive messages from the list.

V

Vladimir

7/23/24, 3:20 AM

When you add a member such as *@domain.com you must add them as a "Post Only" member of the list. This grants them the abiltiy to post to the list but it does not give them the ability to receive messages from the list.

If you add "*@example.com " to a mailing list with the type "Post Only", for example in "all@example.com ", and then open any account that was not previously in the mail list "all@example.com " mail domain example.com (via Remote Administrator) "Account Settings -Mailing Lists - Subscribed Lists:"
then the mailing list will already be displayed here "all@example.com ". At the same time, in the "Available List:" no "all@example.com "and through "Account Settings" there is no way to add this account with the "Normal" type, so that the account could not only send messages to the mailing list, but also receive them.

It remains only through the "Mailing List Manager" to open the necessary lists and add the necessary account to them, which is inconvenient, since it does not allow you to conveniently add the necessary mail lists to one account at once.

A

Arron Admin Staff

7/23/24, 8:29 AM

The only other way that I'm aware of to handle this is using a combination of content filter rules and powershell scripts. Below is an example of how it can be done. I do not reccomend using this as its more more resource intensive and more dangerous than simply setting the lists to private.

You'll need to create a rule like the following:

[Rule007]
RuleName=List Removal
uid={3c6f537a-2944-46c7-b219-4843964eb030}
Enable=Yes
ThisRuleCondition=Any
ProcessQueue=BOTH
Condition01=FROM|does not contain|AND|@example.com|
Action01=run a program|"-1,0,0","C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File c:\temp\FilterlistMail.ps1 $MESSAGEFILENAME$"

And then create a powershell script like the following and save it as c:\temp\FilterListMail.ps1:

########################################################################################################################
########################################################################################################################
## Filter List Mail  V1.0.0                                                                                                                                                                                                                       ##
## July 23, 2024    			                                                         														                                      ##
## Copyright MDaemon Technologies	2024	                                                 											                                      ##
##                                                                                                                                                                                                                                                          ##
## This script is designed to find messages addressed to a specific list and delete the messages. When a message is found with the list email address               ##
## as a recipient the entire message is deleted.                                                                                                                                                                                  ##
## This script is designed to be used with used with MDaemon Technologies products. The use of this script for any other purpose or                                        ##
##  with any other products is not allowed.                                                                                                                                                                                          ##
##                                                                                                                                                                                                                                                          ##
## MDaemon Technologies offers no warranty, provides no support, and is not responsible for any damages that may be arise                                                    ##
## from the use of this script. Use at your own risk.                                                                                                                                                                             ##
##                                                                                                                                                                                                                                                           ##
########################################################################################################################
########################################################################################################################


param(
    [string]$MSGFileName = "C:\MDaemon\Queues\Inbound\md5001000000432.msg"
)

$REGEX = '(\d{1,3}\=)(.*)(\s)(.*\s)'
$ListEmail = "list@example.com"
$LogPath = "c:\temp\FilterListMail.log"
$InboundPath = "c:\mdaemon\queues\inbound\*"

Start-Transcript $LogPath -Append
Write-Host "MSGFileName: $MSGFileName"

if($MSGFileName -like $InboundPath){
    $CTLFileName = $MSGFileName.Replace(".msg",".ctl")

    Write-Host "CTLFileName: $CTLFileName"
    
    Get-Content $CTLFileName | Select-String -pattern $REGEX | ForEach-Object {

        $Recipient = $_.matches.groups[2].value.Trim()
        Write-Host "Recipient: $Recipient"
        if($Recipient -like $ListEmail){
            Write-Host "Message found to $ListEmail, Deleting..."
			Remove-Item $MSGFileName -force
            Stop-Transcript
            Exit 1
        }
    }
} 

Stop-Transcript
Exit 0

This script will delete any messages that have list@example.com listed as a recipient. Your content filter rule needs to exclude any messages that are From local domains. There will be no trace of the messages being deleted in the MDaemon logs. The routing log will show the message being processed in the Inbound Queue, the content filter log will show the message matching the rule and "Process Executed".

The script itself creates its own log at c:\temp\filterlistmail.log. The log will grow indefinitely, you'll need to maintain it or adjust the script to not append. You will need to adjust and maintain the script for your needs. It is highly reccomend that you test thoroughly before implementing in a live environment as this script deletes email and there is no way to recover the email once it has been deleted.

V

Vladimir

7/23/24, 8:58 AM

@Arron

The only other way that I'm aware of to handle this is using a combination of content filter rules and powershell scripts. Below is an example of how it can be done. I do not reccomend using this as its more more resource intensive and more dangerous than simply setting the lists to private.

Is the option with the disabled option "Apply content & spam filters to list mail before cracking individual copies" and filtering content by the header "X-MDMailing-List" less priority than using this script? Will this create an additional, possibly high, load on the server?

A

Arron Admin Staff

7/23/24, 10:34 AM

It is impossible to know which way is less resource intsensive.

If you'd like to disable the option for "Apply content & spam filtesr to list mail before cracking individual copies" you can, but you need to check all of your existing content filter rules to make sure its not going to alter how they work.

When checking the X-MDMailing-List header, if a list is a member of a list, the X-MDMailing-List header will contains the email address of the last list to process the message. This means if you have a list call All@example.com and one of its members is list@example.com then the messages created by list@example.com when a message is sent to all@example.com will contain list@example.com in the X-MD-Mailing-List header.

If you want to reject all mail from non local users that is addressed to a mailing list, you can check the From header and for the existence of the X-MDMailing-List header.

V

Vladimir

7/24/24, 3:17 AM

But we still don't understand why our content filter rule doesn't work.

[Rule 005]
Rule Name=All
uid={d06f1798-42a4-459a-9447-235f1f90449c}
Enable=Yes
This Rule Condition=All
ProcessQueue=BOTH
Condition01=TO|contains|AND|all@example.ru|
Condition02=FROM|does not contain|AND|example|
Action 01=move to public folders|"Bayesian Learning/Spam"

From the log we can see:

Tue 2024-07-23 20:12:20.719: [49581177] <-- MAIL FROM:<i.nikonova@mail.trbzdrav.ru> SIZE=10790 BODY=7BIT

Tue 2024-07-23 20:12:20.719: [49581177] Performing PTR lookup (166.1.17.84.IN-ADDR.ARPA)

Tue 2024-07-23 20:12:20.719: [49581177] * D=166.1.17.84.IN-ADDR.ARPA TTL=(1346) PTR=[mail.trbzdrav.ru]

Tue 2024-07-23 20:12:20.720: [49581177] * D=mail.trbzdrav.ru TTL=(0) A=[84.17.1.166]

Tue 2024-07-23 20:12:20.720: [49581177] ---- End PTR results

Tue 2024-07-23 20:12:20.720: [49581177] Performing IP lookup (mail.trbzdrav.ru)

Tue 2024-07-23 20:12:20.720: [49581177] * D=mail.trbzdrav.ru TTL=(0) A=[84.17.1.166]

Tue 2024-07-23 20:12:20.720: [49581177] ---- End IP lookup results

Tue 2024-07-23 20:12:20.721: [49581177] Performing SPF lookup (mail.trbzdrav.ru / 84.17.1.166)

Tue 2024-07-23 20:12:20.732: [49581177] * Policy: v=spf1 ip4:84.17.1.166 +mx -all

Tue 2024-07-23 20:12:20.732: [49581177] * Evaluating ip4:84.17.1.166: match

Tue 2024-07-23 20:12:20.732: [49581177] * Result: pass

Tue 2024-07-23 20:12:20.732: [49581177] ---- End SPF results

Tue 2024-07-23 20:12:20.732: [49581177] --> 250 2.1.0 Sender OK

Tue 2024-07-23 20:12:20.732: [49581177] <-- RCPT TO:<all@example.ru>

Tue 2024-07-23 20:12:20.746: [49581177] Производится поиск DNS-BL (84.17.1.166 – соединение с IP)

Tue 2024-07-23 20:12:20.927: [49581177] * b.barracudacentral.org - прошло

Tue 2024-07-23 20:12:21.269: [49581177] * rbl.rbldns.ru - прошло

Tue 2024-07-23 20:12:21.269: [49581177] ---- Конечные результаты DNS-BL

Tue 2024-07-23 20:12:21.269: [49581177] --> 250 2.1.5 Recipient OK

Tue 2024-07-23 20:12:21.271: [49581177] <-- DATA

Tue 2024-07-23 20:12:21.272: [49581177] --> 354 Enter mail, end with .

Tue 2024-07-23 20:12:21.323: [49581177] Message size: 10790 bytes

Tue 2024-07-23 20:12:21.336: [49581177] Performing DKIM verification

Tue 2024-07-23 20:12:21.336: [49581177] * File: e:\mdaemon\queues\temp\md5001002877887.tmp

Tue 2024-07-23 20:12:21.336: [49581177] * Message-ID: <20240723143335.9A8436C6124@mail.trbzdrav.ru>

Tue 2024-07-23 20:12:21.337: [49581177] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mail.trbzdrav.ru; s=B39153E0-1FF2-11E6-A985-7BB2B07A0245; t=1721745220; b h=MIME-Version:To:From:Date:Message-Id;

Tue 2024-07-23 20:12:21.337: [49581177] * Verification result: DKIM_SUBJECT_NOT_SIGNED

Tue 2024-07-23 20:12:21.337: [49581177] * Result: neutral

Tue 2024-07-23 20:12:21.337: [49581177] ---- End DKIM results

Tue 2024-07-23 20:12:21.344: [49581177] Выполняется обработка DMARC

Tue 2024-07-23 20:12:21.344: [49581177] * Файл: e:\mdaemon\queues\temp\md5001002877887.tmp

Tue 2024-07-23 20:12:21.344: [49581177] * Код сообщения: <20240723143335.9A8436C6124@mail.trbzdrav.ru>

Tue 2024-07-23 20:12:21.344: [49581177] * Домен автора: mail.trbzdrav.ru

Tue 2024-07-23 20:12:21.344: [49581177] * Домен организации: trbzdrav.ru

Tue 2024-07-23 20:12:21.344: [49581177] * Запрашиваемый домен: _dmarc.mail.trbzdrav.ru

Tue 2024-07-23 20:12:21.410: [49581177] * Запись политики: v=DMARC1; p=reject

Tue 2024-07-23 20:12:21.410: [49581177] * Проверка механизмов проверки подлинности на согласованность с DMARC

Tue 2024-07-23 20:12:21.410: [49581177] * SPF: домен "mail.trbzdrav.ru" прошел проверку SPF; и домен согласован с DMARC

Tue 2024-07-23 20:12:21.411: [49581177] * DKIM: домен "mail.trbzdrav.ru" (from d= of signature #1) не прошел верификацию

Tue 2024-07-23 20:12:21.411: [49581177] * Результат: pass

Tue 2024-07-23 20:12:21.411: [49581177] ---- Конец результатов DMARC

Tue 2024-07-23 20:12:21.710: [49581177] Passing message through Outbreak Protection...

Tue 2024-07-23 20:12:21.710: [49581177] * Message-ID: <20240723143335.9A8436C6124@mail.trbzdrav.ru>

Tue 2024-07-23 20:12:21.710: [49581177] * Reference-ID: str=0001.0A782F23.669FE475.00AB:SCFSTAT112204700,ss=1,re=-4.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0

Tue 2024-07-23 20:12:21.710: [49581177] * Virus result: 0 - Clean

Tue 2024-07-23 20:12:21.710: [49581177] * Spam result: 1 - Clean

Tue 2024-07-23 20:12:21.710: [49581177] * IWF result: 0 - Clean

Tue 2024-07-23 20:12:21.710: [49581177] ---- End Outbreak Protection results

Tue 2024-07-23 20:12:21.736: [49581177] Создание сообщения successful: e:\mdaemon\queues\inbound\md5001012859135.msg

Tue 2024-07-23 20:12:21.736: [49581177] --> 250 2.6.0 Ok, message saved >

Tue 2024-07-23 20:12:21.737: [49581177] <-- QUIT

Tue 2024-07-23 20:12:21.737: [49581177] --> 221 2.0.0 See ya in cyberspace

Tue 2024-07-23 20:12:21.737: [49581177] SMTP session successful (Bytes in/out: 11968/4889

where is the line:

Tue 2024-07-23 20:12:20.732: [49581177] <-- RCPT TO:<all@example.ru>

But at the same time, when the content filter is launched, the "To" header has the same destination as the "From" header

Tue 2024-07-23 20:12:26.733: Content Filter processing e:\mdaemon\queues\inbound\md5001012859135.msg...

Tue 2024-07-23 20:12:26.733: * Message return-path:

Tue 2024-07-23 20:12:26.733: * Message from: i.nikonova@mail.trbzdrav.ru

Tue 2024-07-23 20:12:26.733: * Message to: i.nikonova@mail.trbzdrav.ru

Tue 2024-07-23 20:12:26.733: * Message subject: Admin@

Tue 2024-07-23 20:12:26.734: * Message ID: <20240723143335.9A8436C6124@mail.trbzdrav.ru>

Tue 2024-07-23 20:12:26.734: Start Content Filter results

Tue 2024-07-23 20:12:26.740: * Matched 0 of 32 active rules

Tue 2024-07-23 20:12:26.740: End of Content Filter results

Why does the "To" header not contain what was in "RCPT TO". How is the letter e:\mdaemon\queues\inbound\md5001012859135.msg is delivered to the mailing list all@example.ru In what way?

A

Arron Admin Staff

7/24/24, 7:08 AM

The RCPT TO command of the SMTP session and the TO header of the email are not the same.

The TO header in the email is used by users and mail clients, but the server does not use it to determine who receives a copy of the email. This can be demonstrated by using the CC field when composing an email. Enter the list address (all@example.ru) in the CC field and enter nothing in the TO field, then send the message. You'll notice the RCPT TO command of the SMTP session comains all@example.ru, but the TO header will be blank.

Servers use the values passed in the RCPT TO command of the SMTP session to determine who should receive a copy of the email.

V

Vladimir

7/24/24, 7:19 AM

Servers use the values passed in the RCPT TO command of the SMTP session to determine who should receive a copy of the email.

Is "RCPT TO" not associated with any email header? It cannot be filtered in the content filter, but does it contain the mailbox address?

A

Arron Admin Staff

7/24/24, 7:53 AM

For messages that are NOT sent to a mailing list, you can use the X-MDaemon-Deliver-To header. For messages that are sent to a mailing list, it is not that simple. Which is why the alternative methods that were discussed in this post were presented.

If you'd like to see the headers that are available when you use the option for "Apply content & spam filters to list mail before cracking individual copies", freeze the inbound queue on your MDaemon server and send a message to a mailing list. Open the MSG file in notepad. The data in the MSG file is what the content filter has access to when it processes a list message before cracking. At this point the ENVELOPE data, such as the values passed in the RCPT TO command are in the CTL file. The CTL file has the sane name as the MSG file, but the extension is CTL instead of MSG. The powershell script provided reads the CTL file to determine if the message is addressed to a mailing list.

If you disable the option for "Apply content & spam filters to list mail before cracking individual copies" then messages are processed by the content filter in the Local and Remote Queues. You can see the headers and values that are available for these messages by freezing the Local and Remote queues, then unfreezing the Inbound queue. Once the messages are placed into the Local or Remote queue, open one of the MSG files. There are a number of different headers to choose from at this point, but you've already created a copy of the message for every single email address on the list.

Don't forget to unfreeze the queues when you are done so that mail can flow again.

V

Vladimir

7/24/24, 2:34 PM

When using a BCC (blind carbon copy) in a test, the msg file, when saving it to inbound, does not have a single header where the address of the mailing list would be stored. Therefore, there is only one way left - to use a script.

param( [string]$MSGFileName = "C:\MDaemon\Queues\Inbound\md5001000000432.msg " )

Is there a specific letter here for example? It is probably necessary to define $MSGFileName from the passed parameter $MESSAGEFILENAME$ when running the script.

A

Arron Admin Staff

7/24/24, 3:52 PM

Is there a specific letter here for example? It is probably necessary to define $MSGFileName from the passed parameter $MESSAGEFILENAME$ when running the script.

I'm not exactly sure what you are asking, but the content filter rule is setup to pass the value of the $MESSAGEFILENAME$ macro to the script. The value of the macro should be the full path to the MSG file on disk. The script is setup to access the parameter from the command line and store it as $MSGFileName, which it then uses to determine the path to the CTL file.

V

Vladimir

7/24/24, 11:36 PM

Is there a specific letter here for example? It is probably necessary to define $MSGFileName from the passed parameter $MESSAGEFILENAME$ when running the script.

Difficulties of translation. In your script, the variable $MSGFileName is explicitly set to the value of "C:\MDaemon\Queues\Inbound\md5001000000432.msg" if the variable "$MESSAGEFILENAME$" turns out to be empty when running the script. Probably, here it is necessary to correct for:

param(
    [string]$MSGFileName
)

V

Vladimir

10/25/24, 10:00 AM

Action01=run a program|"-1,0,0","C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -File c:\temp\FilterlistMail.ps1 $MESSAGEFILENAME$"

While this program is executing, the server should suspend all operations for seconds.

If you set the parameter to 0, the server will not suspend its work - what exactly is meant by this? For a given filtered email, will the following content filter rules wait for this process to complete or not? We are interested in the case when a lot of emails arrive, and so that the server can process them in parallel, while performing all the filtering logic, after executing the powershell script.

Content filter for mailing lists

Related topics

Let’s Encrypt PowerShell script fails reading MDaemon.ini - Add-Type / GetPrivateProfileString BadImageFormatException

DANE Support

MDaemon 26.0.3 has been released!

Web Conference - Unable to connect to server

Email duplication

Participants

Arron

Vladimir