am 28.01.05 11:37 schrieb Peter Bowyer:
> On Thu, 27 Jan 2005 19:01:01 +0100, Peter Velan <pv0001@???> wrote:
>> Hello,
>>
>> my system is:
>> debian sarge
>> Exim version 4.34 #1 built 05-Jan-2005 11:07:49
>> Contains exiscan-acl patch revision 21 (c) Tom Kistner
>>
>> my testentries în acl_smtp_data:
>>
>> warn
>> condition = true
>> logwrite = :main: test found_extension = ***$found_extension***
>>
>> warn
>> condition = true
>> logwrite = :main: test mime_filename = ***$found_extension***
>>
>> but there is nothing between the asterisks?
>>
>> whats going wrong?
>
> What did you expect to find there? You haven't asked Exiscan to do any
> scanning.
May be the above excerpt is too much shortend or incorrect at all. I
will include a more complete version of my test ACL below.
> The examples doc on Tom's site at
>
> http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
>
> should give you some good building blocks for correct structure of ACL
> clauses for Exiscan.
Thank you for the link, but I have printed and read exiscan manual and
the above mentioned examples before I asked here.
It seems, that I do not understand, when exiscan starts and when in the
ACL chain the exiscan-based variables are usable. Escpecially I don't
understand the "decode" thing. What I found in manual was this:
- MIME parts will NOT be dumped to disk by default, you have
to call the "decode" condition to do that (see further
below).
and this ..
The expansion variables only reflect the content of the MIME
headers for each part. To actually decode the part to disk,
you can use the "decode" condition. The general syntax is
decode = [/<PATH>/]<FILENAME>
The right hand side is expanded before use. After expansion,
the value can
- be '0' or 'false', in which case no decoding is done.
- be the string 'default'. In that case, the file will be
put in the temporary "default" directory
<spool_directory>/scan/<message_id>/
with a sequential file name, consisting of the message id
and a sequence number. The full path and name is available
in $mime_decoded_filename after decoding.
- start with a slash. If the full name is an existing
directory, it will be used as a replacement for the
"default" directory. The filename will then also be
sequentially assigned. If the name does not exist, it will
be used as the full path and file name.
- not start with a slash. It will then be used as the
filename, and the default path will be used.
May be I'm dumb, but I never managed to use "decode" without getting an
errror. So please, anyone here, who could give me a complete example how
to use "decode"?
Peter
-------- acl_smtp_data config (simplified) --------------
# this two ACLs working perfectly:
deny
message = MSG_D01_MIME_ERROR ($demime_reason).
demime = *
condition = ${if > {$demime_errorlevel}{2} {1}{0} }
logwrite = :main,reject: MSG_D01_MIME_ERROR ($demime_reason).
warn
message = X-ACL-Warn: malware ($malware_name)
malware = *
logwrite = :main,reject: MSG_D02_MALWARE ($malware_name).
# --- this one doesn't works -- $mime_filename is empty!
# (I wanted to use the "modern way" of file extension checking)
deny
message = MSG_D03_ATTACHMENT (.$found_extension).
condition = \
${if match \
{${lc:$mime_filename}} \
{\N(\.bat|\.exe)$\N} \
{yes}{no}
}
logwrite = :main: A mime_filename ***$mime_filename***
# --- works! but $mime_filename is empty too! Why?
warn
message = X-ACL-Warn: MSG_D03_ATTACHMENT (.$found_extension).
demime = bat : exe
logwrite = :main,reject: MSG_D03_ATTACHMENT ($found_extension).
logwrite = :main: B found_extension ***$found_extension***
logwrite = :main: B mime_filename ***$mime_filename***
# --- works!
warn
message = X-ACL-Warn: bad term ($regex_match_string)
regex = \
\N(?i)\bsome example1\b\N \
: \N(?i)\bsome example2\b\N \
logwrite = :main,reject: MSG_D04_REGEX1 ($regex_match_string).
# --- works!
warn
message = X-Spam-Score: $spam_score ($spam_bar)
spam = vmail:true
condition = true
warn
message = X-Spam-Report: $spam_report
spam = vmail:true
condition = true
---------------------------------------------------------
