On Apr 22, 2004, at 12:17 PM, <brian@???> wrote:
> I'm running Exim 4.24
Have you considered using the exiscan patch? This would make things a
lot easier on you. I've used it since 4.24 and have found it to work
flawlessly. My config file has only two scan entries:
spamd_address = 127.0.0.1 783
av_scanner = clamd:127.0.0.1 3310
Then I have the ACLs:
acl_check_data:
# Any hosts and authenticated clients listed here will not be scanned
by SpamAssassin
accept hosts = 127.0.0.1:+relay_from_hosts
accept authenticated = *
# First unpack MIME containers and reject serious errors.
# deny message = This message contains a MIME error ($demime_reason)
# demime = *
# condition = ${if >{$demime_errorlevel}{2}{1}{0}}
# Reject typically wormish file extensions. There is almost no
# sense in sending such files by email.
deny message = This message contains an unwanted file extension
($found_extension)
demime = scr:com:vbs:bat:lnk:pif:exe
# # If the message contains SCR or PIF we want to Log this
warn log_message = DISCARD: ATTACHMENT ($found_extension)
demime = scr:com:vbs:bat:lnk:pif:exe
control = fakereject
discard demime = scr:com:vbs:bat:lnk:pif:exe
# ## Reject virus infested messages.
deny message = This message contains malware ($malware_name)
demime = *
malware = *
# Reject messages containing "viagra" in all kinds of whitespace/case
combinations
# WARNING: this is an example !
# deny message = This message matches a blacklisted regular
expression ($regex_match_string)
# regex = [Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa] : Prescription
: Pharmacy
# Always add X-Spam-Score and X-Spam-Report headers, using SA
system-wide settings
# (user "nobody"), no matter if over threshold or not.
warn message = X-Spam-Score: $spam_score ($spam_bar)
spam = nobody:true
warn message = X-Spam-Report: $spam_report
spam = nobody:true
warn message = X-New-Subject: [***SPAM***] $h_subject:
spam = nobody
warn message = X-Virus-Scanned: Scanned with Clam AntiVirus
spam = nobody:true
# Add X-Spam-Flag if spam is over system-wide threshold
warn message = X-Spam-Flag: YES
spam = nobody
# Reject spam messages with score over 10, using an extra condition.
deny message = This message scored $spam_score points.
Congratulations!
spam = nobody:true
condition = ${if >{$spam_score_int}{100}{1}{0}}
Most of this was already there when I installed exim. I changed a few
things, but have put them back to the default settings in this example.
-Michael
---------------------------------------
Sometimes your joy is the source of your smile, but sometimes your
smile can be the source of your joy.
--Thich Nhat Hanh
