On Mon, 11 Apr 2005, Tony Finch wrote:
| On Mon, 11 Apr 2005, Chris Edwards wrote:
| >
| > then is there any way to get at the "message" or the "log_message" setup by
| > whichever acl_check_spam statement denied ?
|
| It should "just work" (it does for me). You might get a better result if
| you put any message and log_message modifiers immediately after the ACL
| verb instead of after all the conditions. The evaluation order of ACLs is
| sometimes confusing, and I've found this rule of thumb helps to avoid
| problems.
OK - so I've put message and log_message first now, but nothing is logged.
To recap, this is, a sub-acl returning "deny" called from a condition on a
top-level "warn" verb.
I should probably add a litle background here. We have many anti-spam
measures that operate at RCPT-time, and would like to give our users some
control over this. We already classify users as either "spam-haters" or
"spam-lovers", which currently determines whether SpamAssassin content tests
reject after DATA or simply add headers. This was easy to implement -
it's straightforward to either "deny spam..." or "warn spam..." in the
DATA ACL as appropriate, using selective defers to deal with multiple
recipients.
However, the RCPT-time measures involve a large number of ACL statements.
It would be ugly to write all them out twice, first as denies for
spam-haters, then as warns for spam lovers. It would also by ugly to turn
the whole thing into a big list of warns, setting variables which must be
tested later. Rather, it would be most elegant to write a regular/simple
"deny this, deny that" ACL. For spam-haters (the vast majority of users),
the "deny" would mean deny. But for spam lovers, the tests would be
performed, but the mails would not be denied.
It looks like this can be accomplished, calling a sub-acl like:
deny
<spam-hater condition>
!acl = acl_check_spam
warn
<spam-lover condition>
!acl = acl_check_spam
This seems OK, except that in the spam-lover case, nothing is logged, or
available to write in headers, to record which deny test in acl_check_spam
has triggered.
(this is on Solaris with the current Exim snaphost and also ancient 4.22)
I suspect it's not possible, but just wondering ;-)
--
Chris Edwards, Glasgow University Computing Service