Hello,
*** Backround ***
I'm trying to add spam scanning to a firewall that is acting as a
mail hub to an internal mail server. I'm using Debian stable (woody)
with it's Exim version 3.35-1. I have already installed spamassassin
2.55-3 from the sources in testing, and have integrated it with exim
using what "dman" describes as "Integration Method 1" for Exim 3.
Please refer to
<
http://dman13.dyndns.org/~dman/config_docs/exim-spamassassin/node11.html>
I'm using Spamassassin 2.55-3 since I want the newer rules and bayesian.
This works great for local users that get their mail delivered on the
firewall box.
For completeness:
The last block in TRANSPORTS:
# Spam Assassin
spamcheck:
driver = pipe
command = /usr/sbin/exim -oMr spam-scanned -bS
transport_filter = /usr/bin/spamc
bsmtp = all
home_directory = "/tmp"
current_directory = "/tmp"
# must use a privileged user to set $received_protocol on the way back
in!
user = mail
group = mail
return_path_add = false
log_output = true
return_fail_output = true
prefix =
suffix =
The first block in DIRECTORS
# Spam Assassin
spamcheck_director:
# do not use this director when verifying a local-part at SMTP-time
no_verify
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
# - it didn't originate locally (as long as I don't harbor spammers
:-))
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq
{$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}} }
{1}{0}}"
driver = smartuser
transport = spamcheck
Testing delivery to a local user:
hawmail:/etc/exim# exim -bt dennyf@???
dennyf@???
deliver to dennyf in domain hawmail.sbwireless.net
director = spamcheck_director, transport = spamcheck
*** Questions ***
How can I use the spamcheck transport for a non-local domain with
Exim 3.35? I got the "through_firewall" router working, but I can't
figure out how to get it spam scanned first. If I try to make a
spamcheck_router: it won't let me use the smartuser driver, since
that's only for directors. If I try making microtimeinc.net a local
domain instead of a relay_domain, I can't use the domainlist router.
I saw references to the accept and manual_route drivers when I
Googled for this topic, but they seem to be new in Exim version 4.
I would prefer to stay with the Exim that is native to Debian stable.
Here are the parts of my exim.conf treating domain microtimeinc.net
as a relay_domain. The spamcheck: transport and spamcheck_director:
are also in place and working nicely for local users, per the above
mentioned docs.
relay_domains = microtimeinc.net
In the ROUTERS section as first router:
# This router passes mail through the firewall to the inside mail server
# Ref Exim book pgs 165 and 89
through_firewall:
driver = domainlist
transport = remote_smtp
domains = microtimeinc.net
route_list = * mailserver byname
Testing gives:
hawmail:/etc/exim# exim -bt dennyf@???
dennyf@???
deliver to dennyf@???
router = through_firewall, transport = remote_smtp
host mailserver.sbwireless.net [192.168.21.10]
How can I spam scan in the router too?
Thanks for any help you can provide!
Denny Fox
