RE: [Exim] Exiscan, Spamassasin and max size of messages

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MM\Knaupp, Thomas at <-
.MMPat Lashley at ->
Delete this message
Reply to this message
Author: Eli
Date:  
To: exim-users
Subject: RE: [Exim] Exiscan, Spamassasin and max size of messages
Checking the $message_size body can be done in a RCPT ACL, however the only
value it will contain at that time is either whatever was given via SIZE, or
-1 (as per documentation - read the section on expanding variables).

If you want a more accurate value, use it in a DATA ACL, or later on in a
router or transport. The value here will not be what was given by SIZE, but
rather the actual size of the message (apparently not 100% accurate in DATA
stage since headers added during ACL stages aren't included).

I have the exiscan patch, and this is what I do to bypass scanning for large
messages: 

acl_check_data:
...
        require acl             = acl_check_spam
...


acl_check_spam:
        warn    message         = X-Spam-Error: Message too big, scan
skipped
                condition       = ${if > {$message_size}{5M} {yes}{no}}


        accept  condition       = ${if > {$message_size}{5M} {yes}{no}}
...
        accept


The "acl_check_data" is called by acl_smtp_data, and it calls my spam
scanning ACL "acl_check_spam". The acl_check_spam must return an accept
otherwise the require will fail and reject the message (which we don't want
unless we want to deny the message because of too much spam). So, if the
message is too big (in this case, bigger than 5Mb), it adds an error header
so users can filter on that if they wish (and also so that if they notice it
wasn't scanned, they will at least know why), and then accepts it so that
the DATA ACL will continue on (to find out why, read up more on the "acl ="
statement).

Eli.

-----Original Message-----
From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On Behalf
Of Knaupp, Thomas
Sent: Monday, January 19, 2004 12:25 PM
To: exim-users@???
Subject: AW: [Exim] Exiscan, Spamassasin and max size of messages


| > how can I tell spamassassin NOT to scan
| > messages exceeding a defined size.
|
 |   warn    message       = X-Spam-Score: $spam_score
 |           spam          = nobody:true
 |           condition     = ${if <{$message_size}{200k}{yes}{no}}
 |                               ^^^
|
| this way, it works perfektly :)


one more point: this rule seems not to work with cleartext-messages,
when the sender is not sending SIZE = command ..

In our example, we're getting a lot of postmaster-messages,
that a mail could not be delivered and the stupid sender-server
is sending the orginal attachment back in clear-text, which
makes 20mb text-mails ...

any further ideas ?

regards,
Tom


--

## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
details at http://www.exim.org/ ##

---
[This E-mail scanned for viruses]


---
[This E-mail scanned for viruses]



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-AW: [Exim] Exiscan, Spamassasin and max size of messages[Exim] w/ 4.30 <= sendmail: protocol violation...->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)