On May 18, 2004, at 3:50 AM, Scott Call wrote:
> Hello!
>
> I apologize if this is a lame or redundant question, feel free to LART
> as
> needed....
>
> I'm setting up a largish system with dspam and exim and I was hoping to
> avoid the current two-stage delivery method where the message is piped
> to
> dspam, and then dspam calls exim to do the actual delivery.
>
> dspam has compile-time options to return messages sent to it to STDOUT
> with apropriate signatures and headers instead of calling an MTA to do
> the
> delivery, and I'd like to know if I can take advantage of that.
>
> Ideally (in psuedocode) I'd like something like:
>
> If /var/spool/dspam/opt-in/$local_part exists then
> pipe the message through /usr/bin/dpam --user $local_part and use the
> output from the pipe as the message and continue delivery?
>
> Is this possible or should I stick with the two-stage setup?
Check out:
http://www.pookey.co.uk/exim-spam.xml
It has a nice little tutorial on combatting spam with some interesting
ACLs and a local_scan filter. An excerpt:
"Exim has a wonderful feature called local_scan. This allows you to
write some C code that gets compiled into Exim allowing the message to
be scanned before it is accepted. I have created a local_scan.c that
passes a file handle of the mail, and the mail headers to a perl
script. This perl script can then be used to check the mail. I
personally virus scan messages, and pass them to sophie for virus
scanning at this stage. This allows me to reject messages that look
like spam, or contain a virus before they even make thier way onto my
mail server.
If you want to go down this route, I'm going to assume you can read
source code, so I'll simply include the local_scan.c, and my
local_scan.pl file. All you need to do is compile your exim with my
local_scan.c, and place the local_scan.pl in /etc/exim. You'll
probably want to hack about with local_scan.pl to suit your needs."
I've not tried this yet, its on my list though. Seems like it should
work.
Also, I'd like to second Bradford's endorsement of spamprobe. I've been
using spanprobe for about a month now and after a day of training, I've
rarely had to train it again. Marvellous :)
Nathan.
--
Nathan Ollerenshaw - Unix Systems Engineer
ValueCommerce -
http://www.valuecommerce.ne.jp/
