On Apr 3, 2004, at 12:19, Michael Johnson wrote:
> I've set the part of my SA configuration for exim thusly:
> spamd_address = ###.###.###.### 783
Ok. That's an option used by the 'spam' condition in Exiscan-ACL.
> However, my spamcheck router is using the localhost (since it's set up
> that way. Duh!)
This has nothing to do with Exiscan-ACL, or setting up 'spamd_address'.
> How should I alter my spamcheck transport to look to
> the remote host?
Are you sure you want to run 'spamc' in a router? You will not be able
to reject at SMTP time, and hence, you will an issue in dealing with
mail that is flagged as spam. You can:
- Create a bounce message, which most certainly will go to an
innocent third party whose e-mail address was forged in the spam --
making you responsive for "collateral" spam, or
- Quietly discard the message, in which case false positives
(legitimate mails that were incorrectly flagged as spam) are dropped as
well, or
- Freeze the message, in which case you need to hire one full-time
person for each 5-6 local users to sort through frozen mail, or
- Set up a default (customziable) filter for each user, which sorts
mails into a separate Junk box if they are flagged as spam (this
require that your users are able to manage mailboxes, e.g. via the IMAP
protocol or via a WebMail interface -- POP3 is not suited for this
purpose). Your users will also need to be aware that there may be
legitimate messages in their Junk box.
A far better method is to use Exiscan-ACL (or SA-Exim) to invoke
SpamAssassin at SMTP time, so that you are able to reject the message
right away if it is flagged as spam, rather than first accepting it:
- If it came via another MTA from a legitimate source, that other MTA
(presumably the sender's) would be able to send a bounce message back
to the sender (whose address is normally not forged).
- If it came from spamware, no harm is done (spamware do not create
bounce messages).
> Obviously (I think), the driver should not be pipe, rather remote.
> Would I have to place something different where command is? Somehow
> show the IP address even though I've given it earlier in the
> spamd_address?
If you still want to invoke SpamAssassin in a router, you can use:
/path/to/spamc -d spamd-server
(e.g. "/usr/bin/spamc -d 192.168.1.5")
Better, though, to use "spam = " conditions in your DATA ACL. If you
happen to use Debian, get the "exim4-daemon-heavy" package, and edit:
/etc/exim4/conf.d/acl/40_acl_check_data
with snippets from:
/usr/share/doc/exim4-daemon-heavy/exiscan-acl-examples.txt.gz
-tor