Re: [exim] Adding/replacing headers with ACL warn

Author: Dennis Davis
To: exim-users
Subject: Re: [exim] Adding/replacing headers with ACL warn
On Wed, 2 Feb 2005, Matthew Newton wrote:

...


> Just for the record, the config snippet from before doesn't quite work.
> If an incoming message is _not_ being scanned, then we should leave the
> headers alone (otherwise messages from inside that go back inside again
> will have their scores wiped, as we don't spam score for internal mail).


...


Yup, been there and had the same problems. When I considered
how mail could travel through our servers I realised that just
one system filter wouldn't cut it. So the relevant bit of my
configuration says:


# System filter to modify message headers.  Locally submitted mail
# gets a null filter.  So does mail we've seen before.  Mail from
# cherished hosts gets a minimal header-munging filter.  Mail from
# non-cherished hosts gets the full monte.
system_filter = ${if or { \
                         {! def:sender_host_address} \
                         {def:acl_m2} \
                        } {NULL_FILTER} \
                       {${if CHERISHED {LOCAL_FILTER}{MUNGE_HEADERS}}}}



CHERISHED is a macro that tests for a trusted IP address --
basically our class B network with a few exceptions such as the
wireless LAN etc.

I "sign" messages that pass through our servers by adding an extra
header in the data acl just before the message is accepted.
This is done with:


# We're just about to accept this message. There's a chance
# (maildelivery file, sieve script, mailing list expansion etc) it
# may go off-campus. So attempt to add a cryptographic "checks
# done" header to prevent re-scanning if the body doesn't change.
# This is never going to be perfect, unless we use the entire
# message body. But it should be a reasonable check.
warn message = X-SCANNER: CRYPTOSECRET


and CRYPTOSECRET is the macro:


# Used when constructing a cryptographic checksum for a message.
CRYPTOSECRET = ${hmac{sha1}{SHASECRET}\
{$h_message_id:,$message_body,$message_body_end,$body_linecount}}


So earlier in the data acl I say:


  # Check our cryptographic header.  If it matches, we think we've
  # seen this message before and so can accept it without virus
  # checks, spam checks etc.
  accept condition = ${if and {{def:h_X-Scanner:}\
                               {eq {CRYPTOSECRET}{$h_X-Scanner:}}\
                              } {yes}{no}}
         set acl_m2 = 1



and that's where the acl_m2 in the above expansion of system_filter
comes from. I must use your neat idiom and change acl_m2 to
something like acl_SEEN_MESSAGE.

It took me a while and many beers to work all this out and set it
up.  I doubt that I could do it again :-(  And I'd probably have to
consume even more beers if someone pointed out an easier way to do
the same thing :-(
-- 
Dennis Davis, BUCS, University of Bath, Bath, BA2 7AY, UK
D.H.Davis@???               Phone: +44 1225 386101
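The "checks done" header scheme described in the message above, as an added example in Python; this is not Dennis Davis's configuration or Exim's own code, only a stand-alone model of what the CRYPTOSECRET macro, the `warn message =` line and the `accept condition` do. It approximates Exim's `$message_body`, `$message_body_end` and `$body_linecount` (newlines replaced by spaces, only the first and last `message_body_visible` bytes, default 500, kept), and `SHASECRET`, the sample message and the `X-Scanner` header name are constructed for the example. Three choices are the example's own and not in the post: an existing `X-Scanner` header is dropped before signing, more than one copy of the header counts as "not seen", and the comparison is constant-time.

```python
import hashlib
import hmac
from email import message_from_bytes

# Constructed stand-ins (not values from the post): the SHASECRET macro and
# Exim's message_body_visible setting, whose default is 500 bytes.
SHASECRET = b"replace-with-a-long-random-secret"
MESSAGE_BODY_VISIBLE = 500
HEADER = "X-Scanner"


def split_message(raw: bytes):
    """Split an LF-terminated message into (parsed headers, raw body bytes).
    The body is everything after the first blank line, as Exim sees it."""
    head, _, body = raw.partition(b"\n\n")
    return message_from_bytes(head), body


def body_variables(body: bytes):
    """Approximate $message_body, $message_body_end and $body_linecount:
    newlines become spaces and only the first and last message_body_visible
    bytes are kept, so an edit in the middle of a long body that keeps the
    line count is invisible to the checksum (the limitation the post admits)."""
    flat = body.replace(b"\n", b" ")
    return flat[:MESSAGE_BODY_VISIBLE], flat[-MESSAGE_BODY_VISIBLE:], body.count(b"\n")


def cryptosecret(msg, body: bytes) -> str:
    """The CRYPTOSECRET macro: HMAC-SHA1 over Message-ID and the three body
    variables joined by commas, hex-encoded as Exim's ${hmac...} returns it."""
    first, last, lines = body_variables(body)
    data = b",".join([msg.get("Message-ID", "").encode(), first, last,
                      str(lines).encode()])
    return hmac.new(SHASECRET, data, hashlib.sha1).hexdigest()


def sign(raw: bytes) -> bytes:
    """What 'warn message = X-SCANNER: CRYPTOSECRET' does at accept time, with
    one addition of this example: any X-Scanner header already present is
    dropped first, so a stale or forged copy never travels beside the real one."""
    msg, body = split_message(raw)
    del msg[HEADER]
    msg[HEADER] = cryptosecret(msg, body)
    return msg.as_bytes() + body


def seen_before(raw: bytes) -> bool:
    """The data-ACL 'accept condition': true only if exactly one X-Scanner
    header is present and matches the recomputed HMAC.  Exim's $h_ would join
    several copies with newlines, so more than one is treated as not seen;
    the compare is constant-time where Exim's eq{} is a plain string test."""
    msg, body = split_message(raw)
    tags = msg.get_all(HEADER) or []
    if len(tags) != 1:
        return False
    return hmac.compare_digest(tags[0].strip(), cryptosecret(msg, body))


# Constructed sample message with LF line endings, as the helpers assume.
SAMPLE = (b"From: alice@example.org\n"
          b"To: bob@example.org\n"
          b"Message-ID: <20050202.1234@example.org>\n"
          b"Subject: constructed test\n"
          b"\n"
          b"Hello Bob,\n"
          b"this is a constructed test message.\n")

# Same headers, but a body whose middle lies outside both visible windows.
LONG = SAMPLE.split(b"\n\n")[0] + b"\n\n" + b"x" * 600 + b"\nMIDDLE\n" + b"y" * 600 + b"\n"


def demo() -> dict:
    """Run the scheme through the cases that matter and report each outcome."""
    signed = sign(SAMPLE)
    bogus = b"\n" + HEADER.encode() + b": " + b"0" * 40 + b"\n\n"
    return {
        # normal round trip: signed on the way out, recognised on the way back
        "signed_seen": seen_before(signed),
        "unsigned_seen": seen_before(SAMPLE),
        # headers may change in transit (a Received: line); the body must not
        "relayed_seen": seen_before(b"Received: from relay.example.org\n" + signed),
        "tampered_seen": seen_before(signed.replace(b"Hello Bob", b"Hello Bob!")),
        # a tag forged without the secret, and a second copy of the header
        "forged_seen": seen_before(SAMPLE.replace(b"\n\n", bogus, 1)),
        "doubled_seen": seen_before(signed.replace(b"\n\n", bogus, 1)),
        # the blind spot: an edit outside both windows that keeps the line count
        "blind_spot_seen": seen_before(sign(LONG).replace(b"MIDDLE", b"MIDDLF")),
    }
```

Running `demo()` shows the property the post relies on (extra Received: headers do not break the tag, a body edit inside the visible window does) and the weakness it concedes (an edit in the middle of a long body that keeps the line count still passes). Newer Exim releases add headers from an ACL with the `add_header` modifier rather than `warn message =`, but the value computed is the same.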