--
On Mar 15, 2004, at 14:13, Andy Firman wrote:
> On Mon, Mar 15, 2004 at 11:03:49AM -0800, Tor Slettnes wrote:
>> Let me know if you want me so send you config snippets for Exim and
>> SpamAssassin, and sample (Sieve) filters for mail sorting.
>
> Yes please.
See below.
> Since I am running exim4-daemon-heavy, I only need to add some things
> into the /etc/exim4/conf.d/acl files to get this going right?
> Mainly the 40_exim4-config_check_data file?
Correct.
> After reading the exiscan-acl-spec.txt file, it seems I can continue to
> use my installed spamassassin, but I am not sure how to get exim4 to
> actually call SA to do the spam work.
Exiscan-ACL talks to your SpamAssassin daemon (spamd) on localhost:783.
Be sure to edit /etc/default/spamassassin, so that:
ENABLED=1
Then (re)start SA:
/etc/init.d/spamassassin restart
> Also, when you change some of those files in the conf.d directory,
> one needs to run update-exim4.conf right?
This is done automatically when you restart exim:
/etc/init.d/exim4 restart
> And is it necessary to do /etc/init.d/exim4 restart ??
Yep.
> Any info you can send me, or the list, would be great.
- First, customize the SA report template so that it looks "good" in
the mail headers once you add it via the Exiscan-ACL "$spam_report"
variable.
/etc/spamassassin/local.cf:
+--------------------------------------------------------------
| ...
| clear_report_template
| report "_YESNO_, hits=_HITS_, required=_REQD_, version=_VERSION_;"
| report "_TESTSCORES(, )_"
| ...
+--------------------------------------------------------------
- Ensure that you run the SA daemon, 'spamd'.
/etc/default/spamassassin:
+--------------------------------------------------------------
| ...
| ENABLED=1
| ...
+--------------------------------------------------------------
- Start/restart SA:
# /etc/init.d/spamassassin restart
- Configure the 'acl_check_data' ACL in Exim to use Exiscan-ACL:
/etc/exim4/conf.d/acl/40_exim4-config_check_data:
+--------------------------------------------------------------
| ...
| # --- BEGIN EXISCAN configuration ---
|
| # Do not scan messages submitted from our own hosts
| # and locally submitted messages. Since the DATA ACL
| # is not called for messages not submitted via SMTP
| # protocols, we do not need to check for an empty
| # host field.
| accept hosts = 127.0.0.1:+relay_from_hosts
|
| # Reject messages that have serious MIME errors.
| # This calls the demime condition again, but it
| # will return cached results.
| deny message = Serious MIME defect detected ($demime_reason)
| demime = *
| condition = ${if >{$demime_errorlevel}{2}{1}{0}}
|
| # Unpack MIME containers and reject file extensions
| # used by worms. Note that the extension list may be
| # incomplete.
| deny message = We do not accept ".$found_extension"
attachments here.
| demime =
bat:btm:cmd:com:cpl:dll:exe:lnk:msi:pif:prf:reg:scr:vbs:url:zip
|
| # Accept messages that are too large, without scanning them.
| # accept condition = ${if >={$message_size}{512k}{1}{0}}
|
| warn message = X-Spam-Score: $spam_score
| spam = mail:true
|
| warn message = X-Spam-Status: $spam_report
| spam = mail:true
|
| accept
| spam = mail
| delay = 20s
| control = fakereject
| logwrite = :main: Classified as spam (score $spam_score)
| logwrite = :reject: SPAM: $spam_report
|
| # accept otherwise
| accept
| logwrite = :main: Classified as ham (score $spam_score)
|
| # --- END EXISCAN configuration ---
+--------------------------------------------------------------
(Note that using the 'spam = ' ACL condition several times does not
cause several SA lookups - the results are cached so long as the same
user ('mail') is being used each time).
- Setup a default mail filter for each user, to sort spam into a "Junk"
mailbox. I use the Cyrus IMAP server (cyrus21-*.deb), and thus
install the following default Sieve (RFC3038 --
http://www.cyrusoft.com/sieve/) filter for each user.
+--------------------------------------------------------------
| # Sieve filter
|
| require "fileinto";
|
| if header :matches "X-Spam-Status" "Yes*"
| { fileinto "INBOX.Junk"; }
| else
| { keep; }
+--------------------------------------------------------------
You can also use:
- "procmail" -- create a .procmailrc in each user's home directory
- An exim filter -- create a file named .forward in each user's home
directory, containing the string "# Exim filter" on the first line.
- A sieve filter for Exim -- create a file named .forward in each
user's home directory, containing the string "# Sieve filter" on the
first line.
--
[ smime.p7s of type application/pkcs7-signature deleted ]
--
