RE: [Exim] Using Spam Assassin with Exim for remote addresse…

Top Page
Delete this message
Reply to this message
Author: Rice, Kevin
Date:  
To: 'Patrice Fournier'
CC: 'exim-users@exim.org'
Subject: RE: [Exim] Using Spam Assassin with Exim for remote addresses
Great! This worked really well! Almost :)

The one thing I needed to change was to set nobody as a trusted user. I also
use Gohr's script so I put the escape characters in as mentioned below.
However, I get bounce message with a permission denied error on line 92 of
Mail::Audit whenever I send a test spam message. I can't say that I know all
that much about perl so I have no idea what's attempting to be written
where. Any ideas?

Permission denied at /usr/local/lib/perl5/site_perl/5.6.1/Mail/Audit.pm line
92.

-----Original Message-----
From: Patrice Fournier [mailto:pfournier@loups.net]
Sent: Wednesday, January 02, 2002 8:40 PM
To: Rice, Kevin
Cc: 'exim-users@???'
Subject: RE: [Exim] Using Spam Assassin with Exim for remote addresses


Quoting "Rice, Kevin" <krice@???>:

> Ok. I changed the rule order as mentioned below, but I'm still confused.
> It looks like spam assassin passes the message back to Exim, but it just
> ends in a routing loop rather than rewriting/delivering using the
> forwarddomain.


> 2002-01-02 15:16:28 16LskN-00042Q-00 <= steelrat@???
> H=ns1.xyzzy.com [192.35.251.22] P=esmtp S=1222
> id=Pine.LNX.4.33.0201021516020.21813-100000@???


Ok, here an incoming message from steelrat@??? with
protocol=esmtp, it will be sent to spamcheck transport as the protocol is
not spam-scanned. Fine.

> 2002-01-02 15:16:45 16Lske-00042c-00 <= nobody@spamshield U=nobody
> P=local
> S=4885 id=Pine.LNX.4.33.0201021501380.21813-100000@???


Here's a new message from nobody@spamshield with protocol=local (called
from user nobody). This protocol is not spam-scanned, we must send it to
spamcheck... which is creating your mail loop.

> 2002-01-02 15:16:45 16Lsk8-000428-00 => kevtest
> <kevtest@???> D=spamcheck_director T=spamcheck
> 2002-01-02 15:16:45 16Lsk8-000428-00 Completed


spamcheck is done with the original message, it as been delivered.

> 2002-01-02 15:16:59 16Lskt-00042h-00 <= nobody@spamshield U=nobody
> P=local
> S=1481 id=Pine.LNX.4.33.0201021516020.21813-100000@???


Looping message comes back.

> On 2001-12-21 at 13:03 -0600, Rice, Kevin wrote:
> > ..and the director from the docs from Andi Gohr for using Spam
> > Assassin for filtering:
> >
> > #Spam Assassin
> > spamcheck_director:
> > condition = "${if eq {$received_protocol}{spam-scanned} {0}{1}}"
> > driver = smartuser
> > transport = spamcheck


There is an error in the program you call from spamcheck. It should use
the spam-scanned protocol instead of the default local one and also should
set the envelope from to the original value instead of letting Exim use
the default username@hostname (nobody@spamshield). To achieve this, the
command that pipe the message back to Exim should contain '-oMr
spam-scanned' to specify spam-scanned as the protocol and '-f $sender'
where $sender contains the original envelope from of the message. Are you
using Andi Gohr's spamcheck.pl or your own script? btw, I had to change
that spamcheck.pl so that bounce would not be deleted. When the sender is
empty, it sets it to "<>" which I had to change to "\<\>".

Also note that both -f and -oMr commands are only available to trusted
users. is the user nobody in your trusted user list?

--
Patrice Fournier
pfournier@???