[Exim] Exiscan and limiting scans to external networks

Hello all,

I've searched the archives and the net for an answer to this and only
found 3 messages which are remotely close to what I'd like to do.

I'm using exim as a mailhub for the network, but would like to insert
exiscan into the mix. One problem though is we want to be sure that only
mail which is sent from off-site and not from one of our routeable or
non-routable IP's are scanned by spamassassin.

I've got the following setup for exiscan_condition and
exiscan_spamd_condition:

exiscan_condition = \
${if or {{eq{$received_protocol}{esmtp}} \
{eq{$received_protocol}{smtp}}} \
{1}{0} }

If I'm understanding how conditions work the one above (shown in a few
examples) is supposed to only scan e-mail messages which have been
submitted to the server via smtp or esmtp. Allowing authenticated smtp
connections to skip exiscan completely.

exiscan_spamd_condition = \
${if and {\
{!eq {${mask:${sender_host_address}/24}} {192.156.214.0/24}}} \
{1}{0}}

Now here I'd like to scan via spamd only messages whose
sender_host_address is off-site. While my readings show something like
this "should" work, in practice messages coming in are still getting
scanned by spam assassin.
Also would it be possible to link this check to the "hostlist
relay_from_hosts" variable?


--
Brian