Re: [Exim] Dodging DATA ACL by recipient

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Nico Erfurth
Date:  
À: Greg Ward
CC: exim-users@exim.org
Sujet: Re: [Exim] Dodging DATA ACL by recipient

On Tue, 22 Oct 2002, Greg Ward wrote:

> One of the statements in my DATA ACL is designed to reject mail in
> various Chinese/Korean/Russian charsets that I've only ever seen used in
> spam. Here's how it looks now:
>
>   deny    message   = banned charset in subject
>           condition = \
>     ${if match {${lc:$h_subject:}}\
>                {\N=\?(big5|euc-kr|gb2312|ks_c_5601-1987|koi8-r)\?[qb]\?\N} \
>          {yes}}


condition = \
  ${if and \
     { { !match {$h_to: $h_cc:}\
        {(mailman|python)-i18n@python\.org}}\
       {... your match here ....}
     }\
   }


> To hell with political correctness, this works like a charm, and reduces
> the number of messages that have to go through SpamAssassin
> considerably.


I hope you don't run Spam-Assassin in a local_scan function.
Because local_scan is run BEFORE the data_acl

> Now I want to add a wrinkle: if the message is destined for
> python-18n@??? or mailman-i18n@???, skip this check.
> Tried the obvious thing, ie. add
>
> recipients = !mailman-i18n*@??? : !python-i18n*@???
>
> to the ACL, but that just made Exim return a 451 error and complain:
>
> temporarily rejected after DATA: cannot test recipients after DATA
>
> which, on a moment's reflection, makes sense: there could be any number
> of recipients, so how do you know which one(s) to test against the
> 'recipients' clause?


You could check it in the rcpt-to ACL and add a header by using the
warn-verb.

> Can anyone think of a clean, simple way to implement this in a DATA ACL?
> Or should I just move this test to local_scan(), where I can pick
> whichever of the above interpretations I like?


I don't know if the above is clean, but try it ;)

ciao