Re: [Exim] scanning with sa-exim based on headers

Top Page
Delete this message
Reply to this message
Author: Tony Earnshaw
Date:  
To: exim-users
Subject: Re: [Exim] scanning with sa-exim based on headers
søn, 2003-03-09 kl. 10:21 skrev Rick Ennis:

> What prevents a user/spammer from sending a message with that header already
> in it? Both the "headers_remove" options (one for routers, one for
> transports) are run after local_scan. You can add a header before that (via
> a "warn" acl), but how would you remove one? This is the beginning of my
> check_recipient acl...
>
> check_recipient:
>   warn     message       = X-SA-Do-Not-Rej: Yes
>            local_parts   = postmaster:abuse

>
>   warn     message       = X-SA-Do-Not-Rej: Yes
>            hosts         = +relay_hosts

>
>   warn     message       = X-SA-Do-Not-Rej: Yes
>            authenticated = *

>
> To make this foolproof wouldn't we need some sort of "headers_remove =
> X-SA-Do-Not-Rej" that runs before any of that? Or am I just not
> understanding something?


I'm using SA-Exim 4.12/2.2, SA 2.60-CVS.

1: My own ACL rules for the above are quite unlike those you quote - and
mine are "lifted" directly from the original. Best is, that the
originals work perfectly.

2: Unscanned mail should go exclusively to postmaster or abuse and the
sender should only get one chance to do this. Exim 4.12's present ACLs
are perfectly capable of coping with this.

3: This is Marc Merlin's baby, IMHO, and *no-one* else's. All questions
about it should be addressed to him, or those monitoring SA-Exim results
daily, especially when quoting his config directions. There's always his
dedicated mailing list for this.

Best,

Tony

--

Tony Earnshaw

All the world is mad, exceptin thee and me
and even thee's a little queer

e-post:        tonni@???
www:        http://www.billy.demon.nl