[Exim] exiscan report and virusscan problems

Top Page
Delete this message
Reply to this message
Author: SH Solutions
Date:  
To: exim-users
Subject: [Exim] exiscan report and virusscan problems
Hello

after being a litte overcautious for installing clamav and spamassassin and
pushing every mail through this systems, I finally did it and it worked
rather good. At least configuration was very easy [using mostly default
configurations]. What I have that far is:

av_scanner = clamd:/var/run/clamd.ctl
spamd_address = 127.0.0.1 783

  warn    message        = X-Scan-Mime-Error: $demime_reason
          demime         = *
          condition      = ${if >{$demime_errorlevel}{0}{1}{0}}
  warn    message        = X-Scan-Virus-Found: $malware_name
          malware        = *
  warn    message        = X-Spam-Score: $spam_score ($spam_bar)
          spam           = nobody:true
  warn    message        = X-Spam-Report: $spam_report
          spam           = nobody:true


[Current configuraiton is for scanning and tagging only. Dropping of mail
will be part of the second test phase.]

Now, at first there are two problem:

1. The Spam-Report looks quite large:

X-Spam-Score: 0.0 (/)
X-Spam-Report: Spam detection software, running on the system
"server01.sh-solutions.de", has
    identified this incoming email as possible spam.  The original
message
    has been attached to this so you can view it (if it isn't spam) or
block
    similar future email.  If you have any questions, see
    the administrator of that system for details.
    Content preview:  On Tue, 2004-02-24 at 12:14 +0000, Philip Hazel
wrote:
    > On Tue, 24 Feb 2004, David Woodhouse wrote: > > > Out of interest,
do
    you happen to recall if did they explicitly _want_ > > the old data
    repeated, or would 'return_path_on_delivery' have sufficed > > to
    satisfy them too? > > Can't remember. [...]
    Content analysis details:   (0.0 points, 5.0 required)
    pts rule name              description
    ---- ----------------------
--------------------------------------------------


I would prefer something a litte shorter, i.e. only the points-table from
the end. everything above that pts... line is not required.
How can I change this?

2. X-Scan-Virus-Found-Headers are omitted if no virus is found. I would like
to add them with values "No virus found" or "Virus Scanner offline".
Can this even be archieved? [Same for Mime-Error-Headers]


Secondly, there are two things I'd like to change:

1. spamd is accessed through TCP/IP. I would like to change this to unix
sockets as with clamd. Is this possible?

2. I would like to do those scanning processes as part of the delivery
process, since i anyway will NOT reject mail, but drop them. For me it would
be easier to do this afterwards because I could do that depending on the
receipient [let users have filter/not filter settings] and it would not
delay message reception.


Thanks,
Steffen