Re: [exim] Exim and SpamAssassin

Top Page
Delete this message
Reply to this message
Author: Bill Hacker
Date:  
To: exim
CC: Marc Perkel
Subject: Re: [exim] Exim and SpamAssassin
Marc Perkel wrote:

> you might want to send that to him or the list.


Correct... Thanks.

Bill

>
> Bill Hacker wrote:
>
>> Marc Perkel wrote:
>>
>>> AH - HA!
>>>
>>> I think the problem is ownership then. Here's what may be happening.
>>> It hits the router to deliver it properly - but - the router fails
>>> because of ownership. So it then moves on to the next router which is
>>> your catchall.
>>>
>>
>> Hang on a sec. If he ran a test message manually the EUID:EGID may
>> have been
>> 'none of the above'.
>>
>> The effects of that, and whether the eximd or spamd process were able
>> to 'reclaim'
>> ownership should be checked also...
>>
>> Bill
>>
>>
>>> Jerry wrote:
>>>
>>>> Hi, Marc,
>>>>
>>>> Thanks for the response. Now I am REALLY confused.
>>>>
>>>> In trying to find this problem, I turned on -d+all and sent a test
>>>> message. The last relevant entries in the log are (deleted some
>>>> irrelevant lines)
>>>>
>>>> 08:28:29 21650 spamcheck transport yielded 0
>>>> 08:28:29 21650 search_tidyup called
>>>> 08:28:29 21648 journalling itnews@???
>>>> 08:28:29 21648 spamcheck transport returned OK for
>>>> itnews@???
>>>> 08:28:29 21648 post-process itnews@??? (0)
>>>> 08:28:29 21648 itnews@??? delivered
>>>> 08:28:29 21648 LOG: MAIN
>>>> 08:28:29 21648 => itnews@??? R=spamcheck_router
>>>> T=spamcheck H=localhost
>>>> 08:28:29 21648 >>>>>>>>>>>>>>>> deliveries are done >>>>>>>>>>>>>>>>
>>>>
>>>> This particular id is an alias, to be routed to another mailbox.
>>>> Instead it ends up in the catchall mailbox. There aren't any other
>>>> entries in the trace, and I can see the message in the catchall box.
>>>>
>>>> I can believe this is turning the message around and sending it back
>>>> into exim, but in that case, why wouldn't I see more trace entries
>>>> for that processing?
>>>>
>>>> Another thing I just noticed which makes me think this router is
>>>> doing the delivery - the owner of the spool file has changed.
>>>> Before, the file owner was the box user. Now it's the exim id. My
>>>> local delivery router/transport changes the userid to the
>>>> recipient. The SpamAssassin doesn't - it just uses the exim id.
>>>>
>>>> I've really tried to look through the documentation to see what's
>>>> wrong - but there are soooo many options I'm totally confused!
>>>> (don't take this as a complaint - I like the flexibility!).
>>>>
>>>> Is there someplace else I should be looking? Is there something
>>>> else I could post which would help? (I don't want to post the whole
>>>> config file because of its size).
>>>>
>>>> Thanks for any other help you can provide.
>>>>
>>>> Jerry
>>>>
>>>>
>>>> Marc Perkel wrote:
>>>>
>>>>> There really are no stupid questions. and your question is totally
>>>>> not stupid. But - the flow of the message isn't what you think it is.
>>>>>
>>>>> What happens in this configuration is that the message is diverter
>>>>> through spamassassin and piped back into the front end of Exim - as
>>>>> a new message - where is starts over again. The second time through
>>>>> it bypasses the SA router because it has been tagged as already
>>>>> been checked. But it doesn't got through SA and on to the next
>>>>> router as your message suggested. SA doesn't do the delivery - it
>>>>> can't and doesn't know how.
>>>>>
>>>>> The message comes in - hits the SA router - goes through SA - and
>>>>> then piped back into the front and of Exim - starts over - hits the
>>>>> SA router a second time - bypasses it and moves on.
>>>>>
>>>>> I don't know what your problem is from the code you posted but
>>>>> thought if you understand the flow better it might help you figure
>>>>> it out.
>>>>>
>>>>> Jerry wrote:
>>>>>
>>>>>> Hi, all,
>>>>>>
>>>>>> I have what is probably a VERY stupid question - but I can't find
>>>>>> the problem and couldn't find a solution in the archives.
>>>>>>
>>>>>> Some background. We had to reboot the server yesterday - the
>>>>>> first time in several months. Until that time, everything was
>>>>>> working properly.
>>>>>>
>>>>>> Previous to the reboot, SpamAssassin would scan the incoming email
>>>>>> and mark it appropriately. Processing would then continue to the
>>>>>> rest of the routers for delivery. Now the SpamAssassin router is
>>>>>> doing the delivery.
>>>>>>
>>>>>> Obviously I changed something along the lines - but I can't for
>>>>>> the life of me figure out what! I didn't think I had made any
>>>>>> changes in this area, but it has been several months so I could be
>>>>>> wrong.
>>>>>>
>>>>>> Here are the SpamAssassin router and transport:
>>>>>>
>>>>>> # This router handles spamassassin
>>>>>>
>>>>>> spamcheck_router:
>>>>>> driver = manualroute
>>>>>> domains = ${lookup mysql {MYSQL_Q_SPAMC}{$value}}
>>>>>> senders = ! ${lookup mysql {MYSQL_Q_WHITELIST}{$value}}
>>>>>> condition = ${if and { {!def:h_X-Spam-Flag:} {!eq
>>>>>> {$received_protocol}{spam-scanned}} {!eq
>>>>>> {$received_protocol}{local}} } {1}{0}}
>>>>>> route_list = "* localhost byname"
>>>>>> transport = spamcheck
>>>>>> verify = false
>>>>>>
>>>>>> # This transport handles spamassassin
>>>>>> spamcheck:
>>>>>> driver = pipe
>>>>>> command = /usr/sbin/exim -oMr spam-scanned -bS
>>>>>> use_bsmtp = true
>>>>>> transport_filter = "/usr/bin/spamc"
>>>>>> home_directory = "/tmp"
>>>>>> current_directory = "/tmp"
>>>>>> user = mail
>>>>>> group = mail
>>>>>> log_output = true
>>>>>> return_fail_output = true
>>>>>> return_path_add = false
>>>>>> message_prefix =
>>>>>> message_suffix =
>>>>>>
>>>>>> So - the stupid question - what am I missing here? Did I delete a
>>>>>> line somewhere, for instance?
>>>>>>
>>>>>> Thanks for any help you can give.
>>>>>>
>>>>>> Jerry
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>>
>