Re: [exim] email quarantine

Top Pagina
Delete this message
Reply to this message
Auteur: Donovan Jones
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] email quarantine
On Tue, 2005-03-29 at 19:14, Markus Hardiyanto wrote:
> i want to quarantine email message that known contain
> virus and spam to some directory, this emails (that
> quarantined) still can be accessed by email user (just
> incase valid email marked as bad).
>
> i use clamav and spamassassin to check emails, whether
> it contain virus and spam or not.
>
> how to set exim so if an email is suspected contain
> virus and spam exim will quarantine it to let say
> 'junk' directory?


Hi Markus

I have a setup very similar to what you describe, I have frontend
servers running exim and mailscanner[1] that label emails [SPAM] or
[VIRUS] in the subject line, these are then delivered to a pop server,
which runs pop imap and webmail. For webmail I am using openwebmail[2].

I have setup exim so it delivers any emails marked [SPAM] or [VIRUS]
into an mbox file that open webmail reads, this way the user can check
all their spam for false positives and if they find any can simply move
them into the inbox and it will be ready to pop.

Within exim there are 2 ways to do this delivery, using exim filters[3]
or using a third party MDA like maildrop or procmail[4]. I am using exim
filters.

Im my users home directories there is a file called .filter with this
content:

# cat .filter
# Exim filter
if $header_subject contains "[SPAM]"
then
        save $home/mail/spam-mail
endif
if $header_subject contains "[VIRUS]"
then
        save $home/mail/virus-mail
endif


Here are my ROUTERS

userforward:
driver = redirect
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
file = $home/.forward
# allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

userfilter:
driver = redirect
check_local_user
# local_part_suffix = +* : -*
# local_part_suffix_optional
file = $home/.filter
allow_filter
no_verify
no_expn
check_ancestor
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply

This way I have both .filter files with # Exim filter syntax and
traditional .forward files which openwebmail uses and they both work
correctly

If you use procmail this .procmailrc in the users home dir will
accomplish the same type of thing:

# cat .procmailrc
:0:
* ^Subject:.*(\[SPAM\]|\[VIRUS\])
$HOME/mail/Spam

It all seems to work :)

[1] http://www.sng.ecs.soton.ac.uk/mailscanner/
[2] http://www.openwebmail.org/
[3] http://www.exim.org/exim-html-4.50/doc/html/filter_toc.html
[4] http://www.procmail.org/

HTH
Regards
--
Donovan Jones
Network Engineer
FX Networks
+64-4-498 9640
http://www.fx.net.nz