Hi all,
I'm trying to set a server to do SpamAssassin check at smtp time using
Marc's sa-exim. Ok, it is set and running, but I'd like to configure it
better. sa-exim is currently using a header that is placed in the message
by an rcpt acl to disable scanning of the message for certain users (in my
example, it will only be postmaster). This header can be placed in the
header by some spammers to try to bypass scanning.
1- I'd like to be able to give Exim a list of headers that must be removed
from the message at arrival, before data_acl processing (and before the
rcpt_acl warn headers are added to the message).
2- I'd like also to be able to look at the already added headers by a
rcpt_acl when still checking rcpt_acl (either later in the acl for the same
RCPT TO or for another RCPT TO).
3- I'd like to return defer with a custom message from an acl. (only way I
have currently to defer, is by causing an error to occur but this doesn't
return a custom message (something like "acl = inexistant_acl" will do))
Now, I've patched my Exim copy to do 2 (prefixing header by $wh_) and 3 and
came up with the following ACL. It's still a work in progress and I'd like
to get comments about problems it could generate before I go further:
================ begin acl =================
warn local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
message = X-Disable-SA: yes
condition = ${if =={$recipients_count}{0}{1}{0}}
domains = +local_domains : +relay_to_domains
defer local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
message = Try again in a few minutes without the other
recipients I'm accepting.
condition = ${if and{{>={$recipients_count}{1}}{!eq
{$wh_X-Disable-SA:}{yes}}}{1}{0}}
domains = +local_domains : +relay_to_domains
defer !local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
verify = recipient
verify = sender
message = Try again in a few minutes without the other
recipients I'm accepting.
condition = ${if and{{>={$recipients_count}{1}}{eq
{$wh_X-Disable-SA:}{yes}}}{1}{0}}
domains = +local_domains : +relay_to_domains
============== end acl =================
Does any smtp servers out there has problems with 421 responses to RCPT
TO:? Is there many chances to lose mail with such a setup? MUA responses to
421 responses is irrelevant as they need to authenticate or be in
+relay_from_hosts unless they are direct_to_mx_spammers in which case, they
can lose the mail if they want.. :)
Thanks,
--
Patrice Fournier
pfournier@loups.net
I'm trying to set a server to do SpamAssassin check at smtp time using
Marc's sa-exim. Ok, it is set and running, but I'd like to configure it
better. sa-exim is currently using a header that is placed in the message
by an rcpt acl to disable scanning of the message for certain users (in my
example, it will only be postmaster). This header can be placed in the
header by some spammers to try to bypass scanning.
1- I'd like to be able to give Exim a list of headers that must be removed
from the message at arrival, before data_acl processing (and before the
rcpt_acl warn headers are added to the message).
2- I'd like also to be able to look at the already added headers by a
rcpt_acl when still checking rcpt_acl (either later in the acl for the same
RCPT TO or for another RCPT TO).
3- I'd like to return defer with a custom message from an acl. (only way I
have currently to defer, is by causing an error to occur but this doesn't
return a custom message (something like "acl = inexistant_acl" will do))
Now, I've patched my Exim copy to do 2 (prefixing header by $wh_) and 3 and
came up with the following ACL. It's still a work in progress and I'd like
to get comments about problems it could generate before I go further:
================ begin acl =================
warn local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
message = X-Disable-SA: yes
condition = ${if =={$recipients_count}{0}{1}{0}}
domains = +local_domains : +relay_to_domains
defer local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
message = Try again in a few minutes without the other
recipients I'm accepting.
condition = ${if and{{>={$recipients_count}{1}}{!eq
{$wh_X-Disable-SA:}{yes}}}{1}{0}}
domains = +local_domains : +relay_to_domains
defer !local_parts = postmaster
!authenticated = *
hosts = !+relay_from_hosts
verify = recipient
verify = sender
message = Try again in a few minutes without the other
recipients I'm accepting.
condition = ${if and{{>={$recipients_count}{1}}{eq
{$wh_X-Disable-SA:}{yes}}}{1}{0}}
domains = +local_domains : +relay_to_domains
============== end acl =================
Does any smtp servers out there has problems with 421 responses to RCPT
TO:? Is there many chances to lose mail with such a setup? MUA responses to
421 responses is irrelevant as they need to authenticate or be in
+relay_from_hosts unless they are direct_to_mx_spammers in which case, they
can lose the mail if they want.. :)
Thanks,
--
Patrice Fournier
pfournier@loups.net