Hello,
as a matter of principle I like the idea to scan the e-mails during the
smtp time very much.
But in germany we are not allowed to scan e-mails without the express
terms of the user.
We configured it on a per user basis without ACLs.
Here is the corresponding router:
------------------------------------------------------------------> SNIP
# Spamassassin
spamcheck_router:
no_verify
check_local_user
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
# - comes from mailin 134.176.2.12 or 134.176.2.15
# - .spamcheck exists for this user
condition = \
"${if and { {!def:h_X-Spam-Flag:} \
{!eq {$received_protocol}{spam-scanned}} \
{or { {eq {$sender_host_address}{134.176.2.12}} \
{eq {$sender_host_address}{134.176.2.15}} \
}\
}\
}\
{1}{0}\
}"
require_files = $home/.spamcheck
driver = accept
transport = spamcheck
------------------------------------------------------------------> SNIP
This router is defined on our POP/IMAP mailbox server.
Also we defined this transport on that machine:
------------------------------------------------------------------> SNIP
# Spam Assassin
spamcheck:
driver = pipe
command = /usr/exim/bin/exim -oMr spam-scanned -bS
use_bsmtp = true
transport_filter = /usr/bin/spamc -u $local_part
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on
# the way back in!
user = mail
group = mail
log_output = true
return_fail_output = true
return_path_add = false
message_prefix =
message_suffix =
------------------------------------------------------------------> SNIP
Then we wrote a little web interface, where people can switch it on an
off by giving there id and there password (setting/deleting the
.spamckeck file ).
The benefit from this is, that you can use spamassassins autolearn,
autowhitelist and user configure options.
I think, this would be a little bit tricky to do with ACLs.
- oliver
Am Don, 2003-06-19 um 16.12 schrieb Daniel Bendersky:
> Hi,
>
> I have the Exim 4.20 with the exiscan-acl patch and I have already
> tried to set up the spamassassin at the ACL.
>
> It works perfect and was very easy to set it up, BUT my problem is that
> I run an ISP with Thousands of e-mail accounts, so the load of the
> servers (that are behind a load balancer) grow from 0.5 to 60 so I
> turned it off.
>
> One guy here at the list, told me that there is no way to check an
> e-mail message at the ACL only for a group of users. That I must to do
> it using routers.
> Only 4% of the messages need to be scanned (I know that because I have
> already the RAV antivirus working), so I want to run SA the same way,
> only for a group of users.
>
> With this info on the table, what you suggest?
>
> On Thursday, June 19, 2003, at 09:34 AM, Darran Michael Coy wrote:
>
> > Daniel,
> >
> > I'm assuming from your email that you are trying to do this the hard
> > way by running
> > spamd and then writing your own router/transport to pass mail through
> > spamd.
> >
> > This really is the hard way.
> >
> > Having recently gone through the same process, I recommend you go and
> > get sa-exim
> > (http://marc.merlins.org/linux/exim/sa.html).
> >
> > This really takes all the hard work away from you. It does need a
> > recompile of Exim
> > though.
> >
> > HTH
> >
> > On 18 Jun 2003 at 18:36, Daniel Bendersky wrote:
> >
> >> --
> >> [ Picked text/plain from multipart/alternative ]
> >> Hi, I'm tring to set up the Spamassassin but don't work for me (Yet!)
> >>
> >> I have the following router:
> >> -----
> >> spamcheck_router:
> >> no_verify
> >> condition = "${if and { {eq {1}{${if and { {!def:h_X-Spam-Flag:} {!eq
> >> {$received_protocol}{spam-scanned}}} {1}{0}}}} {eq {1}{${lookup ldap
> >> {ldap:///uid=${local_part},dc=${domain},o=MAIL,o=USERS,c=CL?mailSpam}
> >> {$value}{$value}}}}} {1}{0}}"
> >> driver = accept
> >> transport = spamcheck
> >> -----
> >> The "condition" check if the message was scanned (as suggested in this
> >> list by Phil Brutsche) and also (my add on) lookup in an LDAP if the
> >> user need to be checked.
> >>
> >> And the transport:
> >> -----
> >> spamcheck:
> >> driver = pipe
> >> command = /usr/sbin/exim -oMr spam-scanned -bS
> >> use_bsmtp = true
> >> transport_filter = /usr/bin/spamc
> >> home_directory = "/tmp"
> >> current_directory = "/tmp"
> >> user = mail
> >> group = mail
> >> log_output = true
> >> return_fail_output = true
> >> return_path_add = false
> >> message_prefix =
> >> message_suffix =
> >> -----
> >> Then I do my test in the port 26 to check if I get mails.
> >>
> >> The result is BAD. I get mails ONLY if the destination address is in
> >> the LDAP marked as need to be checked.
> >>
> >> So my guess is that the rest of the messages are lost in the
> >> cyberspace.
> >>
> >> Any idea of what I'm doing wrong?
> >>
> >> --
> >> Saludos....
> >>
> >> Daniel Bendersky.
> >>
> >> ------------------------------------------------------------------
> >> Daniel Bendersky Director de Operaciones y Tecnología
> >> dbenders@??? http://www.netline.cl
> >> NETLINE Av. Vitacura # 2939 of. 202
> >> Oficina : +56 2 751 2600 Las Condes, Santiago - CHILE
> >> Celular : +56 9 998 9122 Fax2mail : +56 2 751 2651
> >> Voice2mail: +56 2 751 2618
> >> "Success is a journey, not a destination"
> >> ------------------------------------------------------------------
> >> --
> >>
> >>
> >> --
> >>
> >> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> >> Exim details at http://www.exim.org/ ##
> >>
> >
> >
> > ~~ Volunteer member of Pegasus Mail & Mercury Tech Team ~~
> > ~~~~~~~ Mailed using Pegasus Mail & Mercury NDS NLM ~~~~~~
> >
> > Darran Coy, Systems Services Team Leader, CS
> > University of Lincoln
> > +---------------------------------------------+
> > | Email: dcoy@??? |
> > | Tel: +44 (0)1482 440550 |
> > +---------------------------------------------+
> > ---------------------------------------------------------
> > Quote for the day:
> > Heavier-than-air-flying machines are impossible.
> > -- Lord Kelvin, president, Royal Society, 1895
> >
> >
> >
> >
> >
> --
> Saludos....
>
> Daniel Bendersky.
>
> ------------------------------------------------------------------
> Daniel Bendersky Director de Operaciones y Tecnología
> dbenders@??? http://www.netline.cl
> NETLINE Av. Vitacura # 2939 of. 202
> Oficina : +56 2 751 2600 Las Condes, Santiago - CHILE
> Celular : +56 9 998 9122 Fax2mail : +56 2 751 2651
> Voice2mail: +56 2 751 2618
> "Success is a journey, not a destination"
> ------------------------------------------------------------------
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
--
Oliver Egginger <Oliver.Egginger@???>
Fachhochschule Giessen-Friedberg
