Re: [Exim] not following spamd_address

Góra strony
Delete this message
Reply to this message
Autor: Tor Slettnes
Data:  
Dla: Michael Johnson
CC: Exim-users
Temat: Re: [Exim] not following spamd_address
On Apr 3, 2004, at 12:19, Michael Johnson wrote:
> I've set the part of my SA configuration for exim thusly:
> spamd_address = ###.###.###.### 783


Ok. That's an option used by the 'spam' condition in Exiscan-ACL.

> However, my spamcheck router is using the localhost (since it's set up
> that way. Duh!)


This has nothing to do with Exiscan-ACL, or setting up 'spamd_address'.

> How should I alter my spamcheck transport to look to
> the remote host?


Are you sure you want to run 'spamc' in a router? You will not be able
to reject at SMTP time, and hence, you will an issue in dealing with
mail that is flagged as spam. You can:

- Create a bounce message, which most certainly will go to an
innocent third party whose e-mail address was forged in the spam --
making you responsive for "collateral" spam, or

- Quietly discard the message, in which case false positives
(legitimate mails that were incorrectly flagged as spam) are dropped as
well, or

- Freeze the message, in which case you need to hire one full-time
person for each 5-6 local users to sort through frozen mail, or

- Set up a default (customziable) filter for each user, which sorts
mails into a separate Junk box if they are flagged as spam (this
require that your users are able to manage mailboxes, e.g. via the IMAP
protocol or via a WebMail interface -- POP3 is not suited for this
purpose). Your users will also need to be aware that there may be
legitimate messages in their Junk box.


A far better method is to use Exiscan-ACL (or SA-Exim) to invoke
SpamAssassin at SMTP time, so that you are able to reject the message
right away if it is flagged as spam, rather than first accepting it:

- If it came via another MTA from a legitimate source, that other MTA
(presumably the sender's) would be able to send a bounce message back
to the sender (whose address is normally not forged).

- If it came from spamware, no harm is done (spamware do not create
bounce messages).


> Obviously (I think), the driver should not be pipe, rather remote.
> Would I have to place something different where command is? Somehow
> show the IP address even though I've given it earlier in the
> spamd_address?


If you still want to invoke SpamAssassin in a router, you can use:

      /path/to/spamc -d spamd-server


(e.g. "/usr/bin/spamc -d 192.168.1.5")

Better, though, to use "spam = " conditions in your DATA ACL. If you
happen to use Debian, get the "exim4-daemon-heavy" package, and edit:

      /etc/exim4/conf.d/acl/40_acl_check_data


with snippets from:

      /usr/share/doc/exim4-daemon-heavy/exiscan-acl-examples.txt.gz



-tor