I recently got SA 2.50 working with exim 4.12 via sa-exim 2.2 (thanks again,
Nico). Now that I *think* I've followed all the directions, it seems like
I'm still not understanding something. According to the documentation and
suggested ACLs, an auth or relay host connection would result in adding an
"X-SA-Do-Not-Rej: Yes" header. That header is in turn used by sa-exim to
abort scanning of the message altogether.
What prevents a user/spammer from sending a message with that header already
in it? Both the "headers_remove" options (one for routers, one for
transports) are run after local_scan. You can add a header before that (via
a "warn" acl), but how would you remove one? This is the beginning of my
check_recipient acl...
check_recipient:
warn message = X-SA-Do-Not-Rej: Yes
local_parts = postmaster:abuse
warn message = X-SA-Do-Not-Rej: Yes
hosts = +relay_hosts
warn message = X-SA-Do-Not-Rej: Yes
authenticated = *
To make this foolproof wouldn't we need some sort of "headers_remove =
X-SA-Do-Not-Rej" that runs before any of that? Or am I just not
understanding something?
Thanks.
--
Rick Ennis
