Eli wrote:
> >
> > Here is what I do, I get all of the relevant 'scanning' information
> > that I need during the ACL phases and push that information on with
> > the message. If the message is acceptable at a 'global' level (no
> > viruses, etc) , then I accept it, and give (for better or worse) the
> > standard DNR's should I need to at a per recipient level during the
> > delivery.
>
> Yeah, right now I'm happy with the spam/virus stuff I have working at a
> global level in the ACLs. I just put headers on things and reject any
> and all viruses regardless, but it would be nice to have a per user
> ability during this stage. I'm working on making a script that will
I did forget to mention that during the DATA ACL I do a check after all of
the 'globals' run , if the message has made it this far there is one or two
last checks that are done before the message is accepted for delivery, I
check the number of recipients, if the number is more than one, I accept
the message, if the message is to just one person I do the per person
accept/deny during the DATA ACL as well, the recipient address is in the
$recipients variable.
<EXAMPLE_CODE>
#
#ACCEPT the message now if there are more than one RCPT's and
# none of the ALWAYS FAIL conditions have been met
#
accept condition = ${if {>{$rcpt_count}{1}} {1}{0} }
#
#ACCEPT any message that has one recipient and does not fail any of the
# Policy rules.
#
accept endpass
message = User Refused Message DATA:
condition = \
${if and{{ ={$rcpt_count}{1}}{ ...{$recipients}... } {1}{0} }
#
# Expcilite DENY
#
deny message = OOPS message was not wanted ;)
#
# ^^^ that of course is not the real message but should be as those
# three statements are the end of my DATA ACL in that order
> spit out Exim filter data so that it will do all the additional per
> user/domain filtering during the router or transport stage, but I'm not
> sure how much of a performance hit I'll be taking by calling an external
> script to do this.
I do a few Perl calls during ACL's and see no additional time when you
consider SpamAssassin and AntiVirus checks, (just optimize the code and
the number of calls you have to do)
> I was hoping to be able to have all message
> filtering done at ACL time so that messages we didn't want to accept for
> any reason would be rejected before they're ever accepted - no bounce
> messages required and it helps reduce spam (I hope).
>
> > I always thought that the $domain and $local_part at DATA time was
> > quite clear in the Exim Docs.
>
> As did I :) I ran into this problem once simply because I wasn't paying
> attention, but I always understood why they weren't available. You
> can't count out all the people who have emailed in to the mailing list
> wondering why their stuff isn't working when they try to use them during
> DATA time though :)
>
Well hell, following that logic we need to change how a lot of things work,
such as manual routing to a smarthost :)
Point is, the manual is very clear on that and it would confuse things
further to ferret out when $domain and $local_part exist and when they
do not, as it is, you can do single person at DATA time and get the
recipients inofrmation from $recipients, most messages I see pass through
the system are to only one person at a time any way. I do run the numbers
again to get a percentage of total mail however.
--
--EAL--
