Re: [Exim] local_scan interface discussion

Page principale
Supprimer ce message
Répondre à ce message
Auteur: James P. Roberts
Date:  
À: exim-users
Sujet: Re: [Exim] local_scan interface discussion
----- Original Message -----
From: "Philip Hazel" <ph10@???>
To: "James P. Roberts" <punster@???>
Cc: <exim-users@???>
Sent: Monday, July 15, 2002 4:15 PM
Subject: Re: [Exim] local_scan interface discussion


On Mon, 15 Jul 2002, James P. Roberts wrote:

> To this end, I would recommend an approach like Derrick's "pipe" idea.


One of the things people were telling me when I was thinking about
local_scan() was that they wanted an efficient way of scanning messages,
without having to run an additional process. If you start using pipes,
you lose this efficiency.

Sure, you get better protection of Exim itself, but that wasn't the
point.

> require=local_scan("exim-sa;$domain;$local_part")
> deny=local_scan("antivirus;killall;log")


You can do that kind of thing already, using ${run or ${perl. The idea
of local_scan() was to be more efficient for those that couldn't afford
even the cost of ${run.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.



Thanks for the clarification of the motivation, Philip.

So it would seem there are two needs... (1) A way to scan FAST, and (2)
a way to scan with minimal impact/risk to Exim itself, minimum
administrative effort level, and maximum flexibility in choice of
scanners.

I agree these two things are pretty much mutually exclusive.

If I understand correctly, Exim already provides for number (2). Nifty!
(I think it is time for me to Re-RTFM...)

At any rate, I see your point, Philip. As the bomb said to the Dark
Star crew, "I must think on this further."

Thanks again.

Jim Roberts