[Exim] Dodging DATA ACL by recipient

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Greg Ward
Data:  
Para: exim-users
Asunto: [Exim] Dodging DATA ACL by recipient
One of the statements in my DATA ACL is designed to reject mail in
various Chinese/Korean/Russian charsets that I've only ever seen used in
spam. Here's how it looks now:

  deny    message   = banned charset in subject
          condition = \
    ${if match {${lc:$h_subject:}}\
               {\N=\?(big5|euc-kr|gb2312|ks_c_5601-1987|koi8-r)\?[qb]\?\N} \
         {yes}}


To hell with political correctness, this works like a charm, and reduces
the number of messages that have to go through SpamAssassin
considerably.

Now I want to add a wrinkle: if the message is destined for
python-18n@??? or mailman-i18n@???, skip this check.
Tried the obvious thing, ie. add

recipients = !mailman-i18n*@??? : !python-i18n*@???

to the ACL, but that just made Exim return a 451 error and complain:

temporarily rejected after DATA: cannot test recipients after DATA

which, on a moment's reflection, makes sense: there could be any number
of recipients, so how do you know which one(s) to test against the
'recipients' clause?

I can think of two equally reasonable interpretations:

  * if the recipient list is a subset of
    {python-i18n,mailman-i18n}*@???, skip the test
  * if the recipient list includes either of
    {python-i18n,mailman-i18n}*@???, skip the test


...so no wonder Exim punts.

Can anyone think of a clean, simple way to implement this in a DATA ACL?
Or should I just move this test to local_scan(), where I can pick
whichever of the above interpretations I like?

        Greg
--
Greg Ward <gward@???>                         http://www.gerg.ca/
My opinions may have changed, but not the fact that I am right.