I'm using Kaspersky Antivirus 4.5 which requires to configs. An exim listener which has the following router/transport:
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = kav_lmtp_transport
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
kav_lmtp_transport :
driver = lmtp
command = /opt/kav/bin/smtpscanner
The KAV program then sends the mail to exim using the 2nd config which has a regular dnslookup router followed my spamcheck router below. Since the mail is passed by the antivirus program, I'm not sure how to test the mails origination. Maybe a regex check on the Received: headers?
-----Original Message-----
From: Philip Hazel [
mailto:ph10@cus.cam.ac.uk]
Sent: Thursday, September 11, 2003 4:55 AM
To: Test, James
Cc: exim-users@???
Subject: Re: [Exim] routing only non-local mail to spamassassin
On Wed, 10 Sep 2003, Test, James wrote:
> I currently have the following router statement (using exim 4.22):
>
> spamcheck_router:
> driver = accept
> transport = spamcheck
> local_parts = lsearch;/etc/mail/spamusers
> no_verify
> condition = "${if and { {!def:h_X-Spam-Flag:} \
> {!eq {$received_protocol}{spam-scanned}} \
> {!match {$sender_host_address}{/^129\.246\./}} } {1}{0}}"
>
> I'm trying to only check for spam if the email is not coming from our
> network (129.246.0.0/16). I think $sender_host_address is always
> blank for some reason. Anyone have any ideas how I can do this?
$sender_host_address will be unset for messages that do not originate
from a remote host. Since you are checking for a protocol of
"spam-scanned", I assume this message has been re-injected from a spam
scanner running on the local host. Hence, the message has not come from
a remote host.
What you could do is to pass $sender_host_address to your spam scanner,
and have it pass it back using -oMa.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book