I'm using exim 4.30 with the exiscan-acl patch along with SpamAssassin
2.61 (both from the Debian testing packages) to scan and tag email.
This works very well.
However, it seems that outgoing mail is also scanned and tagged. For
example, if I as a local user send an email to someone on another
system, SA scans it and adds its tags. If that email comes back to me
(such as on a mailing list) then it will be scanned again, and thus have
two SA headers.
In other words, I'm looking for the magic to add to my configuration so
that messages delivered locally (or from authenticated SMTP) are not
scanned.
Below are the sections of my DATA ACL section. They are pretty much
right from the exiscan docs:
# reject messages that score more than 12
deny message = Die spammer, we don't accept your turdlets. ( scored
$spam_score SpamAssassin points.)
spam = brian:true
condition = ${if >{$spam_score_int}{120}{1}{0}}
# append a tag for filtering if the score exceeds 5
warn message = X-Spam-Flag: YES
spam = brian:true
condition = ${if >{$spam_score_int}{50}{1}{0}}
# always add the score and report as headers
warn message = X-Spam-Report: $spam_report
spam = brian:true
A second related question:
As you can see above I have hard-coded my user name to run SpamAssassin
as. This is okay because I'm the primary user of the machine. Before
this I had it set to "nobody:true" so that it would just use the system
settings. But I was a little nervous about all the log warnings about
"Cannot create /nonexistant/.spamassassin", referring to the home
directory of "nobody". I also didn't know if it would be doing Bayes
learning in this case.
So, my question is: How can I specify that it should use the local user
name to which it's delivering the mail as the user to run SpamAssassin
as? For example, messages addressed to brian run SA as brian, messages
addressed to david run SA as david, and messages to wildcards/aliases
(such as 'webmaster') run SA as the user to whom the message will
actually be delivered. In other words, if I have "webmaster@" aliased
to me (brian) then it should run SA as brian when delivering webmaster
emails. I thought that I could use something like "$local_part" where I
have "brian" above but I didn't know if that would be correct in these
cases. In other words, I want to ensure that I'm specifying a real user
name, and not just any old local part. I don't like the idea of spamd
trying to "setuid()" to whatever is listed in the "To:" header of the
email.
Thanks
Brian