Re[2]: [Exim] error_message condition

Pàgina inicial
Delete this message
Reply to this message
Autor: Peter A. Savitch
Data:  
A: Philip Hazel
Assumpte: Re[2]: [Exim] error_message condition
Hello Philip,

Thursday, September 05, 2002, 6:13:03 PM, you wrote:

PH> senders = :


Sorry, Philip, I'm not getting this. It looks like an ACL entry rather
than router expandable condition.

The background is I'm making anti-virus solution and I want the
redirect router to check for *real* error messages in it's generic
`condition' test. The other thing is that not every recipient on my
machine wants the scanner to be enabled.

What is error_message test anyway? Does it mean that this is true if
an error is generated by *this* Exim? I want these and only these to
bypass the AV router. I want the messages with empty sender address
(bounces) generated by other systems (MAIL FROM: <>) to be scanned
anyway (because they appear to be bounces but can actually carry
malicious content).

Another question. A pipe runs in a system_filter and returns
negative status. Does Exim produce a bounce in this case?

Thank You. My config lines follow, if You don't mind.

==========================================================================

I use something like this:
avscan:
  driver = redirect
  no_verify
  user = mail
  condition = ${if and{ \
      {first_delivery} \
      {!eq{$received_protocol}{av-scanned}} \
      {eq{${lookup ldap {LDAP_AVSCAN_TEST}{yep}{nope}}} {yep} } \
    } {yes}{no} }


data = \
"|/some/pipe/command -f $sender_address -- $local_part@$domain"

LDAP_AVSCAN_TEST is a macro that checks whether mail should be scanned
for this recipient.

Recieved protocol is set by the pipe command which is run under
trusted user. Pipe commmand gets recipient from the command line,
calls Exim and pipes back the content if it's okay. It generates
notifications (for the sender, recipient and administrator) in the
same way by itself.

Actually I'm making an Exim filter in the router which tests
error_message and calls the pipe:

avscan:
...
allow_filter
# data =
file = /usr/exim/avscan_filter

File follows:

=cut
#Exim filter
if error_message and $header_from: contains "Mailer-Daemon@"
then
        finish
endif
pipe "|/some/pipe/command -f $sender_address -- $local_part@$domain"
finish
=cut


--
Best regards,
 Peter                            mailto:spam4octan@highway.ru