[Exim] exim-users@exim.org

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Tomer H.
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: [Exim] exim-users@exim.org
Hello,

I'm back to my original problem, quoting previous mail:
-- begin quote --
Greetings,

I've came across a problem here and I was wondering if anyone got a
creative solution for this one.
I am using exim v4 + exiscan patch: spamassassin + clamd and I wish
to tag the subject when it acrosses a malware only at a certain
condition (mysql lookup to check user's configuration).
If the return of the mysql lookup is 0, then no operation at all.
10 means to tag the subject and 20 means to completely ditch it.

  My problem comes with the tagging:
  I'm setting the new subject right at the exiscan rules:
  warn  message = X-Malware-Alert: This message contains malware ($malware_name)
        malware = *
        log_message = This message contains malware ($malware_name)
  warn  message = X-New-Subject-Malware: **MALWARE** $h_subject:
        malware = *


  and I've tried to use a system filter:
  if "${if def:header_X-New-Subject-Malware: {there}}" is there
  then
     headers remove subject
     headers add "Subject: $h_X-New-Subject-Malware:"
     headers remove X-New-Subject-Malware
  endif


  The problem is, it will always change the subject that way,
  regardless the mysql values.  I noticed I can't:
  - Do header changing when using a specific filter inside a router
  - Call headers_remove or headers_add twice inside a router.
  - Couldn't set temproary variables ("macros") like I can in the main
    configuration.


Also I've tried to do this one which didn't work very well neither:

process_filter_one:
    driver = redirect
    allow_fail
    headers_remove = Subject
    headers_add = Subject: **MALWARE** $h_X-New-Subject-Malware\n
    data = $local_part@$domain


process_filter_two:
    driver = redirect
    allow_fail
    headers_remove = X-New-Subject-Malware
    data = $local_part@$domain


My question is: How can I tag the subject while doing it under a
condition of a mysql check?

-- end quote --

Some time later on I've noticed that I missed that it's possible to
add condition rule to the ACL of exiscan, so I've added.
After that I've noticed it ignored the $local_part and $domain
variables, so after I asked over the mailing list regarding it
then I've been told because of the possibility of multiple RCPT
commands it can't be done, unless I limit the session to single RCPT
- which is a bit costy, so I'm saving it as very last solution.

I would like to know, again, if it's possible to do more than
a single headers_remove and headers_add command inside a router,
or perhaps a way to spread it over more than a single router.
Or, know if anyone here got a creative solution to do this subject
modification based on mysql lookup.


Thank you.


----------------------------------
   Tomer H.    tomer@???
       IT Solutions Provider
www.metnix.com     info@???
----------------------------------