[exim-cvs] cvs commit: exim/exim-doc/doc-src spec.src

Pàgina inicial
Delete this message
Reply to this message
Autor: Tom Kistner
Data:  
A: exim-cvs
Assumpte: [exim-cvs] cvs commit: exim/exim-doc/doc-src spec.src
tom 2005/01/14 16:18:58 GMT

  Modified files:
    exim-doc/doc-src     spec.src 
  Log:
  Changes to chapter 39 (exiscan)


  Revision  Changes    Path
  1.3       +26 -29    exim/exim-doc/doc-src/spec.src


  Index: spec.src
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-src/spec.src,v
  retrieving revision 1.2
  retrieving revision 1.3
  diff -u -r1.2 -r1.3
  --- spec.src    11 Jan 2005 15:17:51 -0000    1.2
  +++ spec.src    14 Jan 2005 16:18:57 -0000    1.3
  @@ -1,4 +1,4 @@
  -. $Cambridge: exim/exim-doc/doc-src/spec.src,v 1.2 2005/01/11 15:17:51 ph10 Exp $
  +. $Cambridge: exim/exim-doc/doc-src/spec.src,v 1.3 2005/01/14 16:18:57 tom Exp $
   .
   .set version "4.50"
   .set previousversion "4.40"
  @@ -22841,10 +22841,10 @@
   .endd
   The \(.eml)\ extension is a friendly hint to virus scanners that they can
   expect an MBOX-like structure inside that file. The file is created when the
  -first exiscan facility is called. Subsequent calls to exiscan conditions open
  -the same file again. The directory is recursively removed when the
  -\acl@_smtp@_data\ ACL has finished running. When the MIME ACL decodes files,
  -they are put into that same directory by default.
  +first content scanning facility is called. Subsequent calls to content
  +scanning conditions open the same file again. The directory is recursively
  +removed when the \acl@_smtp@_data\ ACL has finished running. When the MIME
  +ACL decodes files, they are put into that same directory by default.



.section Scanning for viruses
@@ -22886,7 +22886,7 @@
.index virus scanners||clamd
\clamd\: This daemon-type scanner is GPL and free. You can get it at
\?http://www.clamav.net/?\. Clamd does not seem to unpack MIME containers,
-so it is recommended to use the demime facility with it. It takes one option:
+so it is recommended to unpack MIME attachments in the MIME ACL. It takes one option:
either the path and name of a UNIX socket file, or a hostname or IP number, and
a port, separated by space, as in the second of these examples:
.display asis
@@ -22909,7 +22909,7 @@
sure that this expression matches on `virus found'. This is called the
`trigger' expression.
.nextp
-Another regular expression, containing exactly one pair of braces, to match the
+Another regular expression, containing exactly one pair of parentheses, to match the
name of the virus found in the scanners output. This is called the `name'
expression.
.endp
@@ -22986,8 +22986,18 @@
the option.
.endp

-When \av@_scanner\ is correcly set, you can use the \malware\ condition in the
-DATA ACL. The condition takes a right-hand argument that is expanded before
+When \av@_scanner\ is correctly set, you can use the \malware\ condition in the
+DATA ACL.
+
+The \malware\ condition caches its results, so when you use it multiple times
+for the same message, the actual scanning process is only carried out once.
+
+\av@_scanner\ is expanded each time \malware\ is called. This makes
+it possible to use different scanners. See further below for an example.
+However, using expandable items in \av@_scanner\ disables the result caching
+of the \malware\ condition.
+
+The condition takes a right-hand argument that is expanded before
use. It can then be one of
.numberpars $.
`true', `*', or `1', in which case the message is scanned for viruses. The
@@ -23010,9 +23020,6 @@
\message\ modifier that specifies the error returned to the sender, and/or in
logging data.

  -The \malware\ condition caches its results, so when you use it multiple times
  -for the same message, the actual scanning process is only carried out once.
  -
   If your virus scanner cannot unpack MIME and TNEF containers itself, you should
   use the \demime\ condition (see section ~~SECTdemimecond) before the \malware\
   condition.
  @@ -23044,9 +23051,6 @@
      set acl_m0 = aveserver
      malware = *
   .endd
  -However, when \av@_scanner\ is expanded, the caching of the \malware\
  -condition result does not happen, so each \malware\ condition call causes a
  -new scan of the message.



.section Scanning with SpamAssassin
@@ -23353,13 +23357,16 @@
.endp

   As an example, the following will ban `HTML mail' (including that sent with
  -alternative plain text), while allowing HTML files to be attached:
  +alternative plain text), while allowing HTML files to be attached. HTML 
  +coverletter mail attached to non-HMTL coverletter mail will also be allowed:
   .display asis
   deny message = HTML mail is not accepted here
  +   !condition = $mime_is_rfc822
      condition = $mime_is_coverletter
      condition = ${if eq{$mime_content_type}{text/html}{1}{0}}
   .endd


+
.tempindent 0
\$mime@_is@_multipart$\:
This variable has the value 1 (true) when the current part has the main type
@@ -23431,8 +23438,10 @@
.index MIME content scanning
The \demime\ ACL condition provides MIME unpacking, sanity checking and file
extension blocking. It uses a simpler interface to MIME decoding than the MIME
-ACL functionality, but provides no additional facilities. It is kept in exiscan
-for backward compatibility.
+ACL functionality, but provides no additional facilities. Please note that this
+condition is deprecated and kept only for for backward compatibility. You must
+set the WITH_OLD_DEMIME option in the Makefile at build time to be able to use
+the \demime\ condition.

The \demime\ condition unpacks MIME containers in the message. It detects
errors in MIME containers and can match file extensions found in the message
@@ -23525,18 +23534,6 @@
certain amount through string expansions and the \condition\ condition in the
ACL that runs after the SMTP \\DATA\\ command or the ACL for non-SMTP messages
(see chapter ~~CHAPACL), but this has its limitations.
-
-.index \exiscan\
-An increasingly popular way of doing additional checking is to make use of the
-Exiscan patch for Exim, which adds ACL conditions that perform body scans of
-various kinds. This is available from
-.if ~~html
-[(A HREF="http://duncanthrax.net/exiscan-acl/")]
-/?http://duncanthrax.net/exiscan-acl/?\.
-[(/A)]
-.else
-\?http:@/@/duncanthrax.net/exiscan-acl/?\.
-.fi

To allow for even more general checking that can be customized to a site's own
requirements, there is the possibility of linking Exim with a private message