Mailing List Archive

On 04 June 2002, Owen Creger said:
> I'm using Exim 3.22-14 on RedHat w/ Kernel 2.4
> The box is in my DMZ and handles all inbound and outbound mail from my
> internal server.
>
> I have searched the exim-users group and haven't found anything I can use.
> I have looked at the doc @
> http://bogmog.sourceforge.net/document_show.php?doc_id=28
> It appears to be a config for a terminal MTA and not an intermediate MTA
>
> How do I setup spammassassin with Exim on an intermediate MTA?
> I also don't want it to scan outbound messages, to save on processor cycles.

On one of the Exim server I run, I use the system filter -- works
great. Set up the system filter as usual, and then in the filter:

------------------------------------------------------------------------
# Only run any of this stuff on the first pass through the
# filter - this is an optimisation for messages that get
# queued and have several delivery attempts.
if not first_delivery then
finish
endif

# Let error messages through; this includes virus rejections
# generated below! (The $header_from check is needed to
# dodge the "hahaha@sexyfun.net" worm, which uses a null envelope
# sender. Sigh.)
if error_message and $header_from: does not contain "hahaha@sexyfun.net" then
finish
endif

# If this message originated locally (eg. from Mailman or a direct
# "sendmail ..." invocation), or if it has already been processed by
# spamcheck, then stop processing now. Send it on as-is, without
# checking for viruses or spam.
if ($received_protocol is "local" or
$received_protocol is "spamc" or
$sender_host_address is "127.0.0.1" or
$h_X-Spam-Flag: is not "") then
finish
endif

[.... lots of virus checks skipped -- viruses are either saved or
returned, depending on the virus signature ...]

pipe "/etc/exim/routespam $sender_address $recipients"
------------------------------------------------------------------------

IOW: all mail that is not an error message, not received "locally" (you
would have to adjust the definition of "locally" to account for all your
internal hosts -- ie. not just 127.0.0.1), and doesn't look like a virus
is piped through my routespam script.

routespam and related tools are available via CVS at
satools.sourceforge.net . Enjoy!

Greg
--
Greg Ward - software developer gward@mems-exchange.org
MEMS Exchange http://www.mems-exchange.org

--
On Tue, Jun 04, 2002 at 02:25:00PM -0400, Owen Creger wrote:
| I'm using Exim 3.22-14 on RedHat w/ Kernel 2.4
| The box is in my DMZ and handles all inbound and outbound mail from my
| internal server.
|
| I have searched the exim-users group and haven't found anything I can use.
| I have looked at the doc @
| http://bogmog.sourceforge.net/document_show.php?doc_id=28
| It appears to be a config for a terminal MTA and not an intermediate MTA
|
| How do I setup spammassassin with Exim on an intermediate MTA?
| I also don't want it to scan outbound messages, to save on processor cycles.

Take your pick :
http://marc.merlins.org/linux/exim/sa.html
http://dman.ddts.net/~dman/config_docs/

While that second doc was written with a terminal MTA in mind, there
is nothing preventing your routers (or directors) after the spamcheck
one from passing mail to another server.

-D

PS. What's a DMZ? 'dict' says it's a "De-militarized zone". I
didn't know their were military troops inside any mail server
:-).

--

It took the computational power of three Commodore 64s to fly to the moon.
It takes at least a 486 to run Windows 95.
Something is wrong here.

GnuPG key : http://dman.ddts.net/~dman/public_key.gpg

--
[ Content of type application/pgp-signature deleted ]
--