Hello,
I'm back to my original problem, quoting previous mail:
-- begin quote --
Greetings,
I've came across a problem here and I was wondering if anyone got a
creative solution for this one.
I am using exim v4 + exiscan patch: spamassassin + clamd and I wish
to tag the subject when it acrosses a malware only at a certain
condition (mysql lookup to check user's configuration).
If the return of the mysql lookup is 0, then no operation at all.
10 means to tag the subject and 20 means to completely ditch it.
My problem comes with the tagging:
I'm setting the new subject right at the exiscan rules:
warn message = X-Malware-Alert: This message contains malware ($malware_name)
malware = *
log_message = This message contains malware ($malware_name)
warn message = X-New-Subject-Malware: **MALWARE** $h_subject:
malware = *
and I've tried to use a system filter:
if "${if def:header_X-New-Subject-Malware: {there}}" is there
then
headers remove subject
headers add "Subject: $h_X-New-Subject-Malware:"
headers remove X-New-Subject-Malware
endif
The problem is, it will always change the subject that way,
regardless the mysql values. I noticed I can't:
- Do header changing when using a specific filter inside a router
- Call headers_remove or headers_add twice inside a router.
- Couldn't set temproary variables ("macros") like I can in the main
configuration.
Also I've tried to do this one which didn't work very well neither:
process_filter_one:
driver = redirect
allow_fail
headers_remove = Subject
headers_add = Subject: **MALWARE** $h_X-New-Subject-Malware\n
data = $local_part@$domain
process_filter_two:
driver = redirect
allow_fail
headers_remove = X-New-Subject-Malware
data = $local_part@$domain
My question is: How can I tag the subject while doing it under a
condition of a mysql check?
-- end quote --
Some time later on I've noticed that I missed that it's possible to
add condition rule to the ACL of exiscan, so I've added.
After that I've noticed it ignored the $local_part and $domain
variables, so after I asked over the mailing list regarding it
then I've been told because of the possibility of multiple RCPT
commands it can't be done, unless I limit the session to single RCPT
- which is a bit costy, so I'm saving it as very last solution.
I would like to know, again, if it's possible to do more than
a single headers_remove and headers_add command inside a router,
or perhaps a way to spread it over more than a single router.
Or, know if anyone here got a creative solution to do this subject
modification based on mysql lookup.
Thank you.
----------------------------------
Tomer H. tomer@???
IT Solutions Provider
www.metnix.com info@???
----------------------------------
