Re: [exim] problems with exiscan-acl

Top Pagina
Delete this message
Reply to this message
Auteur: Peter Velan
Datum:  
Aan: Exim Users Mailing List
Onderwerp: Re: [exim] problems with exiscan-acl
am 28.01.05 11:37 schrieb Peter Bowyer:

> On Thu, 27 Jan 2005 19:01:01 +0100, Peter Velan <pv0001@???> wrote:
>> Hello,
>>
>> my system is:
>> debian sarge
>> Exim version 4.34 #1 built 05-Jan-2005 11:07:49
>> Contains exiscan-acl patch revision 21 (c) Tom Kistner
>>
>> my testentries în acl_smtp_data:
>>
>> warn
>> condition = true
>> logwrite = :main: test found_extension = ***$found_extension***
>>
>> warn
>> condition = true
>> logwrite = :main: test mime_filename = ***$found_extension***
>>
>> but there is nothing between the asterisks?
>>
>> whats going wrong?
>
> What did you expect to find there? You haven't asked Exiscan to do any
> scanning.


May be the above excerpt is too much shortend or incorrect at all. I
will include a more complete version of my test ACL below.

> The examples doc on Tom's site at
>
> http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
>
> should give you some good building blocks for correct structure of ACL
> clauses for Exiscan.


Thank you for the link, but I have printed and read exiscan manual and
the above mentioned examples before I asked here.

It seems, that I do not understand, when exiscan starts and when in the
ACL chain the exiscan-based variables are usable. Escpecially I don't
understand the "decode" thing. What I found in manual was this:

  - MIME parts will NOT be dumped to disk by default, you have
    to call  the "decode"  condition to  do that  (see further
    below).


and this ..

The expansion variables only reflect the content of the MIME
headers for each part. To actually decode the part to disk,
you can use the "decode" condition. The general syntax is

decode = [/<PATH>/]<FILENAME>

The right hand side is expanded before use. After expansion,
the value can

  - be '0' or 'false', in which case no decoding is done.
  - be the string 'default'. In that case, the file will be
    put in the temporary "default" directory
    <spool_directory>/scan/<message_id>/
    with a sequential file name, consisting of the message  id
    and a sequence number. The full path and name is available
    in $mime_decoded_filename after decoding.
  - start  with  a slash.  If  the full  name  is an  existing
    directory,  it  will  be used  as  a  replacement for  the
    "default"  directory.  The  filename  will  then  also  be
    sequentially assigned. If the name does not exist, it will
    be used as the full path and file name.
  - not  start with  a slash.  It will  then be  used as  the
    filename, and the default path will be used.


May be I'm dumb, but I never managed to use "decode" without getting an
errror. So please, anyone here, who could give me a complete example how
to use "decode"?

Peter

-------- acl_smtp_data config (simplified) --------------

# this two ACLs working perfectly:

deny
message = MSG_D01_MIME_ERROR ($demime_reason).
demime = *
condition = ${if > {$demime_errorlevel}{2} {1}{0} }
logwrite = :main,reject: MSG_D01_MIME_ERROR ($demime_reason).

warn
message = X-ACL-Warn: malware ($malware_name)
malware = *
logwrite = :main,reject: MSG_D02_MALWARE ($malware_name).

# --- this one doesn't works -- $mime_filename is empty!
#     (I wanted to use the "modern way" of file extension checking)


deny
  message = MSG_D03_ATTACHMENT (.$found_extension).
  condition = \
    ${if match \
      {${lc:$mime_filename}} \
      {\N(\.bat|\.exe)$\N} \
      {yes}{no}
    }
  logwrite = :main: A mime_filename ***$mime_filename***


# --- works! but $mime_filename is empty too! Why?

warn
message = X-ACL-Warn: MSG_D03_ATTACHMENT (.$found_extension).
demime = bat : exe
logwrite = :main,reject: MSG_D03_ATTACHMENT ($found_extension).
logwrite = :main: B found_extension ***$found_extension***
logwrite = :main: B mime_filename ***$mime_filename***

# --- works!

warn
  message = X-ACL-Warn: bad term ($regex_match_string)
  regex = \
    \N(?i)\bsome example1\b\N \
  : \N(?i)\bsome example2\b\N \
 logwrite = :main,reject: MSG_D04_REGEX1 ($regex_match_string).


# --- works!

warn
message = X-Spam-Score: $spam_score ($spam_bar)
spam = vmail:true
condition = true
warn
message = X-Spam-Report: $spam_report
spam = vmail:true
condition = true

---------------------------------------------------------