Re: [exim] Exim and SpamAssassin

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: Jerry
CC: exim-users
Subject: Re: [exim] Exim and SpamAssassin
AH - HA!

I think the problem is ownership then. Here's what may be happening. It
hits the router to deliver it properly - but - the router fails because
of ownership. So it then moves on to the next router which is your catchall.

Jerry wrote:

> Hi, Marc,
>
> Thanks for the response. Now I am REALLY confused.
>
> In trying to find this problem, I turned on -d+all and sent a test
> message. The last relevant entries in the log are (deleted some
> irrelevant lines)
>
> 08:28:29 21650 spamcheck transport yielded 0
> 08:28:29 21650 search_tidyup called
> 08:28:29 21648 journalling itnews@???
> 08:28:29 21648 spamcheck transport returned OK for
> itnews@???
> 08:28:29 21648 post-process itnews@??? (0)
> 08:28:29 21648 itnews@??? delivered
> 08:28:29 21648 LOG: MAIN
> 08:28:29 21648 => itnews@??? R=spamcheck_router
> T=spamcheck H=localhost
> 08:28:29 21648 >>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>>
>
> This particular id is an alias, to be routed to another mailbox.
> Instead it ends up in the catchall mailbox. There aren't any other
> entries in the trace, and I can see the message in the catchall box.
>
> I can believe this is turning the message around and sending it back
> into exim, but in that case, why wouldn't I see more trace entries for
> that processing?
>
> Another thing I just noticed which makes me think this router is doing
> the delivery - the owner of the spool file has changed. Before, the
> file owner was the box user. Now it's the exim id. My local delivery
> router/transport changes the userid to the recipient. The
> SpamAssassin doesn't - it just uses the exim id.
>
> I've really tried to look through the documentation to see what's
> wrong - but there are soooo many options I'm totally confused! (don't
> take this as a complaint - I like the flexibility!).
>
> Is there someplace else I should be looking? Is there something else
> I could post which would help? (I don't want to post the whole config
> file because of its size).
>
> Thanks for any other help you can provide.
>
> Jerry
>
>
> Marc Perkel wrote:
>
>> There really are no stupid questions. and your question is totally
>> not stupid. But - the flow of the message isn't what you think it is.
>>
>> What happens in this configuration is that the message is diverter
>> through spamassassin and piped back into the front end of Exim - as a
>> new message - where is starts over again. The second time through it
>> bypasses the SA router because it has been tagged as already been
>> checked. But it doesn't got through SA and on to the next router as
>> your message suggested. SA doesn't do the delivery - it can't and
>> doesn't know how.
>>
>> The message comes in - hits the SA router - goes through SA - and
>> then piped back into the front and of Exim - starts over - hits the
>> SA router a second time - bypasses it and moves on.
>>
>> I don't know what your problem is from the code you posted but
>> thought if you understand the flow better it might help you figure it
>> out.
>>
>> Jerry wrote:
>>
>>> Hi, all,
>>>
>>> I have what is probably a VERY stupid question - but I can't find
>>> the problem and couldn't find a solution in the archives.
>>>
>>> Some background. We had to reboot the server yesterday - the first
>>> time in several months. Until that time, everything was working
>>> properly.
>>>
>>> Previous to the reboot, SpamAssassin would scan the incoming email
>>> and mark it appropriately. Processing would then continue to the
>>> rest of the routers for delivery. Now the SpamAssassin router is
>>> doing the delivery.
>>>
>>> Obviously I changed something along the lines - but I can't for the
>>> life of me figure out what! I didn't think I had made any changes
>>> in this area, but it has been several months so I could be wrong.
>>>
>>> Here are the SpamAssassin router and transport:
>>>
>>> # This router handles spamassassin
>>>
>>> spamcheck_router:
>>> driver = manualroute
>>> domains = ${lookup mysql {MYSQL_Q_SPAMC}{$value}}
>>> senders = ! ${lookup mysql {MYSQL_Q_WHITELIST}{$value}}
>>> condition = ${if and { {!def:h_X-Spam-Flag:} {!eq
>>> {$received_protocol}{spam-scanned}} {!eq
>>> {$received_protocol}{local}} } {1}{0}}
>>> route_list = "* localhost byname"
>>> transport = spamcheck
>>> verify = false
>>>
>>> # This transport handles spamassassin
>>> spamcheck:
>>> driver = pipe
>>> command = /usr/sbin/exim -oMr spam-scanned -bS
>>> use_bsmtp = true
>>> transport_filter = "/usr/bin/spamc"
>>> home_directory = "/tmp"
>>> current_directory = "/tmp"
>>> user = mail
>>> group = mail
>>> log_output = true
>>> return_fail_output = true
>>> return_path_add = false
>>> message_prefix =
>>> message_suffix =
>>>
>>> So - the stupid question - what am I missing here? Did I delete a
>>> line somewhere, for instance?
>>>
>>> Thanks for any help you can give.
>>>
>>> Jerry
>>>
>>>
>>
>


--
Marc Perkel - marc@???

Spam Filter: http://www.junkemailfilter.com
    My Blog: http://marc.perkel.com
My Religion: http://www.churchofreality.org
~ "If it's real - we believe in it!" ~