$OpenBSD: patch-examples_mimedefang-filter-openbsd-ports,v 1.7 2017/10/31 07:34:01 ajacoutot Exp $
Index: examples/mimedefang-filter-openbsd-ports
--- examples/mimedefang-filter-openbsd-ports.orig
+++ examples/mimedefang-filter-openbsd-ports
@@ -3,9 +3,6 @@
 #
 # mimedefang-filter
 #
-# Suggested minimum-protection filter for Microsoft Windows clients, plus
-# SpamAssassin checks if SpamAssassin is installed.
-#
 # Copyright (C) 2002 Roaring Penguin Software Inc.
 #
 # This program may be distributed under the terms of the GNU General
@@ -20,7 +17,7 @@
 # MIMEDefang policy.  A good example would be 'defang-admin@mydomain.com'
 #***********************************************************************
 $AdminAddress = 'postmaster@localhost';
-$AdminName = "MIMEDefang Administrator's Full Name";
+$AdminName = "Postmaster";
 
 #***********************************************************************
 # Set the e-mail address from which MIMEDefang quarantine warnings and
@@ -28,7 +25,7 @@ $AdminName = "MIMEDefang Administrator's Full Name";
 # 'mimedefang@mydomain.com'.  Make sure to have an alias for this
 # address if you want replies to it to work.
 #***********************************************************************
-$DaemonAddress = 'mimedefang@localhost';
+$DaemonAddress = 'postmaster@localhost';
 
 #***********************************************************************
 # If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard
@@ -63,6 +60,12 @@ md_graphdefang_log_enable('mail', 1);
 # $MaxMIMEParts = 50;
 
 #***********************************************************************
+# Uncomment to enable the clamd(8) anti-virus daemon.
+#***********************************************************************
+# $Features{'Virus:CLAMD'} = 1;
+# $ClamdSock = "/tmp/clamd.socket";
+
+#***********************************************************************
 # Set various stupid things your mail client does below.
 #***********************************************************************
 
@@ -137,6 +140,8 @@ sub filter_begin {
     if ($FoundVirus) {
 	md_graphdefang_log('virus', $VirusName, $RelayAddr);
 	md_syslog('warning', "Discarding because of virus $VirusName");
+	# Uncomment to copy the message to quarantine before discarding it.
+	# action_quarantine_entire_message();
 	return action_discard();
     }
 
@@ -180,10 +185,11 @@ sub filter {
 	return action_bounce("MIME type message/partial not accepted here");
     }
 
-    if (filter_bad_filename($entity)) {
-        md_graphdefang_log('bad_filename', $fname, $type);
-	return action_drop_with_warning("An attachment named $fname was removed from this document as it\nconstituted a security hazard.  If you require this document, please contact\nthe sender and arrange an alternate means of receiving it.\n");
-    }
+    # Uncomment to enable bad extension filtering for MIME messages.
+#    if (filter_bad_filename($entity)) {
+#        md_graphdefang_log('bad_filename', $fname, $type);
+#	return action_drop_with_warning("An attachment named $fname was removed from this document as it\nconstituted a security hazard.  If you require this document, please contact\nthe sender and arrange an alternate means of receiving it.\n");
+#    }
 
     return action_accept();
 }
@@ -209,11 +215,12 @@ sub filter_multipart {
 
     return if message_rejected(); # Avoid unnecessary work
 
-    if (filter_bad_filename($entity)) {
-        md_graphdefang_log('bad_filename', $fname, $type);
-	action_notify_administrator("A MULTIPART attachment of type $type, named $fname was dropped.\n");
-	return action_drop_with_warning("An attachment of type $type, named $fname was removed from this document as it\nconstituted a security hazard.  If you require this document, please contact\nthe sender and arrange an alternate means of receiving it.\n");
-    }
+    # Uncomment to enable bad extension filtering for multipart messages.
+#    if (filter_bad_filename($entity)) {
+#        md_graphdefang_log('bad_filename', $fname, $type);
+#	action_notify_administrator("A MULTIPART attachment of type $type, named $fname was dropped.\n");
+#	return action_drop_with_warning("An attachment of type $type, named $fname was removed from this document as it\nconstituted a security hazard.  If you require this document, please contact\nthe sender and arrange an alternate means of receiving it.\n");
+#    }
 
     # Block message/partial parts
     if (lc($type) eq "message/partial") {
@@ -260,6 +267,9 @@ sub filter_end {
     # No sense doing any extra work
     return if message_rejected();
 
+    # Uncomment to disable SPAM scanning from Sendmail authenticated users
+    #return if ($SendmailMacros{'auth_authen'});
+
     # Spam checks if SpamAssassin is installed
     if ($Features{"SpamAssassin"}) {
 	if (-s "./INPUTMSG" < 100*1024) {
@@ -314,7 +324,40 @@ sub filter_end {
     # by marginal software.  Your call.
 
     # action_rebuild();
+
+    # Uncomment to prepend '[SPAM] ' to the subject of X-Spam-Status tagged mails.
+    # if (spam_assassin_is_spam()) { action_change_header("Subject", "[SPAM] $Subject"); }
+
+    # If the file(s) /etc/mail/disclaimer.txt and/or /etc/mail/disclaimer.html
+    # are present, they will be appended to all outgoing mails.
+    # Modify 192.168.1 to match your local network(s).
+#    if ($RelayAddr =~ /192\.168\.1\./ or $RelayAddr eq "127.0.0.1") {
+#	my $disclaimer = '/etc/mail/disclaimer.txt';
+#	my $disclaimer_html = '/etc/mail/disclaimer.html';
+#
+#	if (-e $disclaimer) {
+#	    open FILE, "<$disclaimer";
+#	    my $text_boilerplate = do { local $/; <FILE> };
+#	    append_text_boilerplate($entity, $text_boilerplate, 0);
+#	}
+#	if (-e $disclaimer_html) {
+#	    open FILE, "<$disclaimer_html";
+#	    my $html_boilerplate = do { local $/; <FILE> };
+#	    append_html_boilerplate($entity, $html_boilerplate, 0);
+#	}
+#    }
 }
+
+# Uncomment to disable processing any mails sent from localhost
+# (mimedefang(8) must be stated with the `-r' flag).
+#sub filter_relay {
+#    my ($ip, $name) = @_;
+#    if ($ip eq '127.0.0.1') {
+#        return ('ACCEPT_AND_NO_MORE_FILTERING', "ok");
+#    }
+#
+#    return ('CONTINUE', "ok");
+#}
 
 # DO NOT delete the next line, or Perl will complain.
 1;
