Re: [exim] content scanning with spamassassin in exim 4.50

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jason Keltz
Datum:  
To: exim-users
Betreff: Re: [exim] content scanning with spamassassin in exim 4.50
Hi Philip,

I've seen several examples of using Exim with the transport/router
method of calling spamc, but in my own opinion, this complicates the
mail delivery process. I know it works, but I would prefer exim not to
have to handle each message twice.

I found a very interesting and simple way of doing what I wanted to do
(running spamc as each user with their own preferences), but because it
is so simple, and because there are so many people who are not doing it
this way, I need to ask if what I am doing is good/bad and why...

In both the "local_delivery:" and "address_pipe" transports, right under
the "driver = appendfile", I simply added:

transport_filter = spamc -U /tmp/spamd.sock

Now, everything just works. Not only does "spamc" run as the user who
the message is being delivered to using their own spamassassin settings,
but it runs once per recipient, and if there is an error, spamc passes
back the original message unaltered, so either way, the delivery occurs.

Jason.

Philip Hazel wrote:
> On Wed, 27 Apr 2005, Jason Keltz wrote:
>
>
>>Hi Philip,
>>
>>I've looked into redirect routers, but not sure if they can do what I'm
>>looking for - namely, call spamc once per recipient, AS each recipient (so
>>their settings get used) on the incoming message, and then deliver the scanned
>>copy of the e-mail rather than the original email to the recipients. If you
>>can suggest how I might do this, this would be very helpful.
>
>
> A redirect router can certainly arrange to deliver the message to spamc
> as the recipient, for each recipient. (This is just like piping a
> message to a list handler such as majordomo or listman.)
>
> However, you'll have to re-inject the message afterwards, in order to
> get it delivered. This will be harder, because you have to make a
> scanned message recognizable to Exim, and if spamc is running as the end
> recipient, it won't be able to set the protocol option (-oMr) that is
> normally used to indicate this in a secure way. You could use a special
> header, provided you make sure that incoming messages do not have that
> header - you could remove it in a system filter.
>
> This kind of thing is the way people used to run SpamAssassin before Tom
> implemented the ACL interface. It costs two passes through Exim, and
> also it means you have accepted the message before scanning it.
>
> You can even run spamc as a transport filter using BSMTP to operate in
> this manner. There is an example of this on pages 163-164 of the Exim 4
> book.
>