Re: [EXIM] Problems with system wide filter file

Top Page
Delete this message
Reply to this message
Author: Microwave Systems Eximlist Exploder
Date:  
To: exim-users
CC: John Burnham, exim-users
Subject: Re: [EXIM] Problems with system wide filter file

adding a -d 9 output of a queue run, and the content of my filter. The
message in question is a message I inserted to tickle the filter that
doesnt actually contain the virus.

I specifically dont want to use "fail" becuase way too many people
ignore messages that have "mail returned" in the subject (for various
reasons)

Something I've found odd is the recipient added by the filter (which is
originally the sender), is listed as a _LOCAL_ address, even though it
is not local to the system I'm running this on.


SYSTEM FILTER:

if $h_x-spanska: contains "yes" then
seen mail subject "A message you sent appears to contain a virus"
text "Message appears to contain Win32/Ska.A virus - \n see\
http://www.datafellows.com/v-descs/ska.htm for details" return message
endif


DEBUG OUTPUT:

>From root@??? Fri Jun 11 12:21:01 1999

Date: Fri, 11 Jun 1999 12:20:51 -0400
From: root <root@???>
To: djc@???

Exim version 3.00 debug level 9 uid=0 gid=0
probably Berkeley DB version 1.8x (native mode)
LOG: 0 MAIN
6 args: exim -d 9 -v -M 10sTpH-00064C-00
set_process_info: 24662 3.00 delivering specified messages
delivering message 10sTpH-00064C-00
set_process_info: 24662 3.00 delivering 10sTpH-00064C-00
Opened spool file 10sTpH-00064C-00-H
user=exim uid=4175 gid=12 sender=djc@???
sender_fullhost = (foo) [216.46.203.34]
sender_rcvhost = [216.46.203.34] (helo=foo)
sender_local=0 resent=no ident=unset
Non-recipients:
Empty Tree
---- End of tree ----
recipients_count=1
body_linecount=1 message_linecount=9
running system filter as uid=0 gid=0 euid=4175 egid=12
Filter: start of processing
Filter: end of processing
LOG: 1 MAIN
original recipients ignored (message_filter)
message_filter added >djc@???
Delivery address list:
>djc@???

locked /var/spool/exim/db/retry.lockfile
opened DB file /var/spool/exim/db/retry: flags=0
>>>>>>>>>>>>>>>>>>>>>>>>

Considering: >djc@???
unique = >djc@???:message filter
>>>>>>>>>>>>>>>>>>>>>>>>

After directing:
  Local addresses:
    >djc@???
  Remote addresses:
  Failed addresses:
  Addresses to be routed:
  Deferred addresses:
search_tidyup called

>>>>>> Local deliveries >>>>>>

post-process >djc@???
LOG: 0 MAIN PANIC
== >djc@??? <message filter> transporting defer (-1): No transport set by director
search_tidyup called
>>>>>> Remote deliveries >>>>>>

set_process_info: 24662 3.00 tidying up after delivering 10sTpH-00064C-00
Processing retry items
Succeeded addresses:
Failed addresses:
Deferred addresses:
>djc@???: no retry items

message filter: no retry items
end of retry processing
time on queue = 14m1s
warning counts: required 0 done 0
delivery deferred: update_spool=0 header_changed=0
end delivery of 10sTpH-00064C-00



On Fri, 11 Jun 1999, Microwave Systems Eximlist Exploder wrote:

>
> I'm replying to this becuase I am implementing such a setup, and I am
> now having this same problem. Searching for my error message in the
> eximlist found this message, but I see no one ever replied to it.
>
> John: Did you ever find the solution to your problem?
>
> exim-users: Does anyone know how to fix this?
>
>
>
> On Tue, 18 May 1999, John Burnham wrote:
>
> > Since upgrading to 3.00 I've had a small problem with the system 
> > filter file I have set up. Basically it works on a bunch of conditions to 
> > detect spam / obvious viruses etc. It then emails abuse and saves 
> > the offending email to a file to be checked later. However, since the 
> > upgrade anything triggering this causes several entries to be written 
> > to the paniclog of the form
> > <id> ==> abuse@??? - transporting defer (-1) no transport set 
> > by director
> > Any ideas why it has ceased working ? 
> >  John.
> > --
> > John Burnham
> > jpburnham@???       

> >
> > --
> > *** Exim information can be found at http://www.exim.org/ ***
> >
> >
>
>



--
*** Exim information can be found at http://www.exim.org/ ***