Re: [exim] Exim and SpamAssassin

Top Page
Delete this message
Reply to this message
Author: Jerry
Date:  
To: Marc Perkel
CC: exim-users
Subject: Re: [exim] Exim and SpamAssassin
Hi, Marc,

Thanks for the response. Now I am REALLY confused.

In trying to find this problem, I turned on -d+all and sent a test
message. The last relevant entries in the log are (deleted some
irrelevant lines)

08:28:29 21650 spamcheck transport yielded 0
08:28:29 21650 search_tidyup called
08:28:29 21648 journalling itnews@???
08:28:29 21648 spamcheck transport returned OK for itnews@???
08:28:29 21648 post-process itnews@??? (0)
08:28:29 21648 itnews@??? delivered
08:28:29 21648 LOG: MAIN
08:28:29 21648 => itnews@??? R=spamcheck_router
T=spamcheck H=localhost
08:28:29 21648 >>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>>

This particular id is an alias, to be routed to another mailbox.
Instead it ends up in the catchall mailbox. There aren't any other
entries in the trace, and I can see the message in the catchall box.

I can believe this is turning the message around and sending it back
into exim, but in that case, why wouldn't I see more trace entries for
that processing?

Another thing I just noticed which makes me think this router is doing
the delivery - the owner of the spool file has changed. Before, the
file owner was the box user. Now it's the exim id. My local delivery
router/transport changes the userid to the recipient. The SpamAssassin
doesn't - it just uses the exim id.

I've really tried to look through the documentation to see what's wrong
- but there are soooo many options I'm totally confused! (don't take
this as a complaint - I like the flexibility!).

Is there someplace else I should be looking? Is there something else I
could post which would help? (I don't want to post the whole config
file because of its size).

Thanks for any other help you can provide.

Jerry


Marc Perkel wrote:
> There really are no stupid questions. and your question is totally not
> stupid. But - the flow of the message isn't what you think it is.
>
> What happens in this configuration is that the message is diverter
> through spamassassin and piped back into the front end of Exim - as a
> new message - where is starts over again. The second time through it
> bypasses the SA router because it has been tagged as already been
> checked. But it doesn't got through SA and on to the next router as your
> message suggested. SA doesn't do the delivery - it can't and doesn't
> know how.
>
> The message comes in - hits the SA router - goes through SA - and then
> piped back into the front and of Exim - starts over - hits the SA router
> a second time - bypasses it and moves on.
>
> I don't know what your problem is from the code you posted but thought
> if you understand the flow better it might help you figure it out.
>
> Jerry wrote:
>
>> Hi, all,
>>
>> I have what is probably a VERY stupid question - but I can't find the
>> problem and couldn't find a solution in the archives.
>>
>> Some background. We had to reboot the server yesterday - the first
>> time in several months. Until that time, everything was working
>> properly.
>>
>> Previous to the reboot, SpamAssassin would scan the incoming email and
>> mark it appropriately. Processing would then continue to the rest of
>> the routers for delivery. Now the SpamAssassin router is doing the
>> delivery.
>>
>> Obviously I changed something along the lines - but I can't for the
>> life of me figure out what! I didn't think I had made any changes in
>> this area, but it has been several months so I could be wrong.
>>
>> Here are the SpamAssassin router and transport:
>>
>> # This router handles spamassassin
>>
>> spamcheck_router:
>> driver = manualroute
>> domains = ${lookup mysql {MYSQL_Q_SPAMC}{$value}}
>> senders = ! ${lookup mysql {MYSQL_Q_WHITELIST}{$value}}
>> condition = ${if and { {!def:h_X-Spam-Flag:} {!eq
>> {$received_protocol}{spam-scanned}} {!eq {$received_protocol}{local}}
>> } {1}{0}}
>> route_list = "* localhost byname"
>> transport = spamcheck
>> verify = false
>>
>> # This transport handles spamassassin
>> spamcheck:
>> driver = pipe
>> command = /usr/sbin/exim -oMr spam-scanned -bS
>> use_bsmtp = true
>> transport_filter = "/usr/bin/spamc"
>> home_directory = "/tmp"
>> current_directory = "/tmp"
>> user = mail
>> group = mail
>> log_output = true
>> return_fail_output = true
>> return_path_add = false
>> message_prefix =
>> message_suffix =
>>
>> So - the stupid question - what am I missing here? Did I delete a
>> line somewhere, for instance?
>>
>> Thanks for any help you can give.
>>
>> Jerry
>>
>>
>