[Exim] Aliases, amavis and the recent virus mails.

Pàgina inicial
Delete this message
Reply to this message
Autor: Sander Smeenk
Data:  
A: exim-users
Assumpte: [Exim] Aliases, amavis and the recent virus mails.
Hello,

I always used Exim in conjunction with per-system-domain alias files:

/etc/exim4/aliases/mydomain.tld:
account1 :fail: User cancelled the account
*: my@???

With this setup, exim would lookup the recipient address before
accepting the RCPT command and say '550 User cancelled the account' when
someone tried to deliver a message to account1@mydomain.

Now, I too am being plagued by virus mails, never ever before have I
received so many, so I installed amavisd and clamav to scan mail that is
comming in. This works. The virusses do not reach my users and myself
anymore which is great.

But there is a side-effect: exim now just accepts any recipient@mydomain
address, feeds the mail to amavis, which feeds (uninfected) mail back to
exim which in turn can't deliver the message because of the :fail:
alias, and sends a bounce. The bounce will then get stuck, because most
probably the originating address is faked, and doesn't exist.

And that is exactly what I don't want. Many of the 'accounts' I have set
to fail are used primarily as spam addresses, so the bounces will just
get stuck in my mailq. I know they will be removed after 10 days
(because I set that in my config), but before I used amavis, my mailq
was always empty, because this sort of mail just was rejected at the
door.

Is there any way to have exim check recipients before feeding the mail
to the amavis router? I believe placing the amavis router _beneath_ the
aliases router I use would be the same as disabling amavis, since in my
belief the aliases router is also the last router that handles the mail,
right?

Can I just combine sections of the aliases router with the amavis router
like so: ?

amavis:
    driver = manualroute
    domains = +local_domains
    require_files = CONFDIR/aliases/$domain
    data = ${lookup{$local_part}lsearch*{CONFDIR/aliases/$domain}}
    allow_fail
    allow_defer
    forbid_pipe
    forbid_file
    include_directory = CONFDIR
    cannot_route_message = User unknown
    condition = < .. test to see if exim should run amavis .. >
    transport = amavis
    route_list = "* localhost byname"
    self = send


Any help is appreciated!
Sander.
--
| Scenery is here, wish you were beautiful.
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8 9BDB D463 7E41 08CE C94D