[Exim] Spam proxy

Top Page
Delete this message
Reply to this message
Author: Søren Hansen
Date:  
To: exim-users
Subject: [Exim] Spam proxy
--
I want to host a sort of spam proxy based on spamassassin.
I run Debian Woody with Exim 3.35.

Here's the scenario that I want:

A user (somebody@???) wants to send a mail to
final@???.
somebody@???'s SMTP server looks up the MX for recipient.com,
which turns out to be mail.myserver.com.
mail.myserver.com receives the e-mail, runs it through spamassassin and
sends it on to recipient.com's REAL MX-record.

For this, I've made (well, I took it from
http://dman.ddts.net/~dman/config_docs/exim3_spamassassin.html) this
transport:
spamassassin_transport:
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
bsmtp = all
transport_filter = /usr/bin/spamc
home_directory = "/tmp"
current_directory = "/tmp"
user = mail
group = mail
log_output = true
return_path_add = false
prefix =
suffix =
return_fail_output = true


So far so good. This is where my use of the above mentioned HOWTO ends..
What I want to do differently from it, is that I want it to handle
OUTGOING mail for certain domains. So I suppose I'll set relay_domains:

relay_domains = lsearch;/etc/exim/spamproxy

This will - if I understand correctly - make exim accept inbound mail
for it, but pass it on to a route instead of a director, right?

So I need a router... I can't figure out which driver to use.. My first
thought was "domainlist", bit it complains that it wants either
route_list, route_file, route_query og route_queries, which don't really
apply.. All I want it to do is run the spamassassin_transport, if the
recipient domain matches lsearch;/etc/exim/spamproxy, and the following
condition is true:

condition = "${if and { {!def:h_X-Spam-Flag:} {!eq
{$received_protocol}{spam-scanned}} } {1}{0}}"

How do I do that?

Now to finish it off, I need a way to forward the mails elsewhere. Will
this do the trick?:

spamassassin_smtp:
    driver = domainlist;
    search_type = lsearch;
    route_file = /etc/exim/spamproxy


This could be the contents of /etc/exim/spamproxy:

recipient.com        mail1.recipient.com:mail2.recipient.com    byname;
otherdomains.com     mail.somewhereelse.com            byname;




Any input?


--
Salu2, Søren.
--
Content-Description: Dette er en digitalt underskrevet brevdel

[ signature.asc of type application/pgp-signature deleted ]
--