FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 12-11-2008, 12:56 PM
David Purton
 
Default SA-Exim and acls

Hi,

I'm trying to control whether emails are scanned for spam or not.

So for example when mail is locally generated, I'm setting acl_m0 to
do-not-scan in Exim's acl_check_rcpt.

e.g.,

acl_check_rcpt:
warn hosts = :
set acl_m0 = do-not-scan

then in sa-exim.conf I have

SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}

But it's not working The message gets scanned anyway.

The acl is being set, since I can see this happening if I run exim in
debug mode.

but SAEximRunCond is expanding to false (it expands to true if I use
SAEximRunCond: ${if !eq {$acl_m0}{} {1}{0}})

Any ideas what I'm doing wrong?


cheers,

dc

--
David Purton
dcpurton@marshwiggle.net

For the eyes of the LORD range throughout the earth to
strengthen those whose hearts are fully committed to him.
2 Chronicles 16:9a
 
Old 12-12-2008, 05:34 AM
lee
 
Default SA-Exim and acls

On Fri, Dec 12, 2008 at 12:26:10AM +1030, David Purton wrote:

> acl_check_rcpt:
> warn hosts = :
> set acl_m0 = do-not-scan
>
> then in sa-exim.conf I have
>
> SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}
>
> But it's not working The message gets scanned anyway.
>
> The acl is being set, since I can see this happening if I run exim in
> debug mode.
>
> but SAEximRunCond is expanding to false (it expands to true if I use
> SAEximRunCond: ${if !eq {$acl_m0}{} {1}{0}})
>
> Any ideas what I'm doing wrong?

Shouldn't that refer to the hosts exim is relaying mail for? The : in
"warn hosts = :" makes for an empty host list, so what you're trying
to do will not apply to any hosts.

And if your acl_check_rcpt is acl_smtp_rcpt, that doesn't seem the
right place to do it.

And what is sa-exim.conf and SAEximRunCond? It would help if you could
post the acls you have in your config.

I would probably set a condition in acl_smtp_data. Something like this
maybe:


warn spam = nobody
!hosts = 192.168.0.0/255.255.255.0
add_header = X-Spam_score: $spam_score

X-Spam_score_int: $spam_score_int

X-Spam_bar: $spam_bar

X-Spam_report: $spam_report


In "!hosts = 192.168.0.0/255.255.255.0", set whatever addresses or
condition you have to identify the clients. I haven't tried it, but I
think it should work.


--
"Don't let them, daddy. Don't let the stars run down."
http://adin.dyndns.org/adin/TheLastQ.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-12-2008, 06:20 AM
David Purton
 
Default SA-Exim and acls

On Fri, Dec 12, 2008 at 12:34:57AM -0600, lee wrote:
> On Fri, Dec 12, 2008 at 12:26:10AM +1030, David Purton wrote:
>
> > acl_check_rcpt:
> > warn hosts = :
> > set acl_m0 = do-not-scan
> >
> > then in sa-exim.conf I have
> >
> > SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}
> >
>
> Shouldn't that refer to the hosts exim is relaying mail for? The : in
> "warn hosts = :" makes for an empty host list, so what you're trying
> to do will not apply to any hosts.

I have an acl for that too - the above is an example that matches for
when exim is called via commandline by an MUA such as mutt.

> And if your acl_check_rcpt is acl_smtp_rcpt, that doesn't seem the
> right place to do it.

I gather it is if you are using sa-exim. There are some advantages that
I like that sa-exim provides over using exim's exiscan technique as you
are using. The reason for putting the acl in the rcpt is that some
variables are available at the time that spamassassin is called by the
sa-exim plugin - so you set acl_m0 at this point and test it later - at
least I *think* this is how it works.

I'm following the sa-exim readme:

http://marc.merlins.org/linux/exim/files/sa-exim-cvs/README

If I can't get it to work, then I might move to using exiscan, but I
like spamassassin's report_safe, which I understood was not available
using exiscan. Is this right?


cheers

dc

--
David Purton
dcpurton@marshwiggle.net

For the eyes of the LORD range throughout the earth to
strengthen those whose hearts are fully committed to him.
2 Chronicles 16:9a
 
Old 12-12-2008, 08:34 AM
lee
 
Default SA-Exim and acls

On Fri, Dec 12, 2008 at 05:50:10PM +1030, David Purton wrote:
> On Fri, Dec 12, 2008 at 12:34:57AM -0600, lee wrote:
> > On Fri, Dec 12, 2008 at 12:26:10AM +1030, David Purton wrote:
> >
> > > acl_check_rcpt:
> > > warn hosts = :
> > > set acl_m0 = do-not-scan
> > >
> > > then in sa-exim.conf I have
> > >
> > > SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}
> > >
> >
> > Shouldn't that refer to the hosts exim is relaying mail for? The : in
> > "warn hosts = :" makes for an empty host list, so what you're trying
> > to do will not apply to any hosts.
>
> I have an acl for that too - the above is an example that matches for
> when exim is called via commandline by an MUA such as mutt.

In that case, there is no SMTP involved, and acl_smtp_rcpt is not
being run. The condition is misplaced, like all the others in the
readme you're using except for the first one. The acl_smtp_rcpt is for
*recipients*, being run for *every* recipient of a message. The other
conditions in the readme need to go into other ACLs, and you need an
extra one for non-smtp messages.

> > And if your acl_check_rcpt is acl_smtp_rcpt, that doesn't seem the
> > right place to do it.
>
> I gather it is if you are using sa-exim.

It's about what these ACLs are for. sa-exim doesn't change how exim
does things.

> There are some advantages that
> I like that sa-exim provides over using exim's exiscan technique as you
> are using. The reason for putting the acl in the rcpt is that some
> variables are available at the time that spamassassin is called by the
> sa-exim plugin - so you set acl_m0 at this point and test it later - at
> least I *think* this is how it works.
>
> I'm following the sa-exim readme:
>
> http://marc.merlins.org/linux/exim/files/sa-exim-cvs/README

Take a look at the exim documentation
(http://exim.org/exim-pdf-current/doc/spec.pdf) and at the sample
configuration (/usr/share/doc/exim4/examples/example.conf.gz). The
readme is a good example, just the conditions have been put into the
wrong ACL.

> If I can't get it to work, then I might move to using exiscan, but I
> like spamassassin's report_safe, which I understood was not available
> using exiscan. Is this right?

Isn't report_save a configuration option of spamassassin? If you can
configure spamd that way, it should work. It's easier to set up, too.

But you can get it to work, just put the conditions into the right
ACLs and check how the variables are handled by exim. I think the
acl_m* variables have been designed to carry information from one ACL
to another, so using the right ACLs shouldn't be a problem.


--
"Don't let them, daddy. Don't let the stars run down."
http://adin.dyndns.org/adin/TheLastQ.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-12-2008, 05:35 PM
lee
 
Default SA-Exim and acls

On Fri, Dec 12, 2008 at 03:34:05AM -0600, lee wrote:
> On Fri, Dec 12, 2008 at 05:50:10PM +1030, David Purton wrote:
> > On Fri, Dec 12, 2008 at 12:34:57AM -0600, lee wrote:
> > > On Fri, Dec 12, 2008 at 12:26:10AM +1030, David Purton wrote:
> > >
> > > > acl_check_rcpt:
> > > > warn hosts = :
> > > > set acl_m0 = do-not-scan
> > > >
> > > > then in sa-exim.conf I have
> > > >
> > > > SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}
> >
> > - the above is an example that matches for
> > when exim is called via commandline by an MUA such as mutt.
>
> In that case, there is no SMTP involved, and acl_smtp_rcpt is not
> being run.

Ok, I wanted to find out something and added acl_not_smtp:


[...]
acl_not_smtp = acl_other_protocol
acl_smtp_helo = acl_check_helo
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
[...]
begin acl

acl_other_protocol:

warn log_message = processing non-SMTP message
accept
[...]
acl_check_rcpt:

warn hosts = :
log_message = this message has an empty host field
[...]


When sending mail with mutt via SMTP, none of the conditions
apply. But when sending mail with mutt without SMTP (the default for
mutt), I'm getting the message about it in /var/log/exim4/mainlog.


--
"Don't let them, daddy. Don't let the stars run down."
http://adin.dyndns.org/adin/TheLastQ.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 12-13-2008, 12:52 AM
David Purton
 
Default SA-Exim and acls

On Fri, Dec 12, 2008 at 12:35:50PM -0600, lee wrote:
> Ok, I wanted to find out something and added acl_not_smtp:
>
>
> [...]
> acl_not_smtp = acl_other_protocol
> acl_smtp_helo = acl_check_helo
> acl_smtp_rcpt = acl_check_rcpt
> acl_smtp_data = acl_check_data
> [...]
> begin acl
>

ah - nice. I see your point. I didn't know about acl_not_smtp. I
switched to setting headers in the rcpt acl and the not smtp acl and
checking for headers with sa-exim instead. it works just like I want it
to. I think the only disadvantage of headers is that they can of course
be spoofed.

Thanks for your help.

dc

--
David Purton
dcpurton@marshwiggle.net

For the eyes of the LORD range throughout the earth to
strengthen those whose hearts are fully committed to him.
2 Chronicles 16:9a
 

Thread Tools




All times are GMT. The time now is 08:28 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org