Solved: Re: [Exim] local_part in exiscan

Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
MAvleen Vig, mensaje del <-
MPhilip Hazel, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Avleen Vig
Fecha:  
A: exim-users
Asunto: Solved: Re: [Exim] local_part in exiscan
On Sun, Nov 02, 2003 at 07:45:22AM -0800, Avleen Vig wrote:
> Ok to make this a little more sane, I have the following router:
>
> ditch_spam:
>   driver = redirect
>   allow_fail
>   data = :blackhole:
>   condition = ${if >{$spam_score_int}{${lookup mysql{select sa_refuse * 10 from users,domains \
>                 where localpart = '${quote_mysql:$local_part}' \
>                 and domain = '${quote_mysql:$domain}' \
>                 and users.spamassassin = '1' \
>                and users.domain_id=domains.domain_id }}} {yes}{no}}
>   local_part_suffix = -*
>   local_part_suffix_optional

>
> Unfortunately this seems to :blackhole: mail where the mysql lookup has
> NOT returned a result. To make matters worse, it only :blackhole:'s
> sometimes, not all the time.

I keep replying to my own mails! Damnit!
Well, I solved the problem after a good day of ripping my hair out. The
solution needs to be in the archives :-) 

First the router:
ditch_spam:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if >{$spam_score_int}{${lookup mysql{select sa_refuse * 10 from users,domains \
                where localpart = '${quote_mysql:$local_part}' \
                and domain = '${quote_mysql:$domain}' \
                and users.on_spamassassin = '1' \
                and users.domain_id=domains.domain_id }{$value}{999999}}} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part


This, for me at least, completely solves the problem of per-user spam
filtering with exiscan. The message is always scanned after DATA, but
never denied. The ACL is instead set to 'warn'.

Then this router (it's also the first router) checks to make sure
$spam_score_int is > the value in the db.

I had one very annoying problem: if the database returned "no data" or
"empty result set", when exim tries to expand $value, I think is expands
it to '0', resulting in almost all messages getting blackholed!
So I put the '999999' in, for the event that $value is empty.
I'm still learning exim conditions, evrything I know I've learnt in the
last 24 hours.
Can I replace the '999999' with 'fail' ? 


Anyway, here's the other router for dealing with viruses marked with a
'warn' in the ACL:
ditch_malware:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if and { {match {$h_X-ACL-Warn:}{.*malware.*}} \
                         {eq {${lookup mysql{select users.on_avscan from users,domains \
                                where localpart = '${quote_mysql:$local_part}' \
                                and domain = '${quote_mysql:$domain}' \
                                and users.on_avscan = '1' \
                                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }



All of these will be part of vexim2..


Este mensaje se envió a las siguientes listas de correo:
Exim-users
Información de la lista de correo | Mensajes cercanos		<-[Exim] smtp too many connectionsRe: [Exim] Broken Aliases after upgrading from Exim3 to Exim4->
Tahini and Hummus and Cumin Development Archives administrado por cumin AdminsLurker (versión 2.3)