Re: [exim] Message size checks on spam ACLs

Chris Edwards wrote:
> | There's been some discussion of late on the SpamAssassin mailing list
> | about spamd memory usage skyrocketing for Exim users. The current
> | thinking is that the persons reporting this problem are not checking
> | (and thus limiting) the size of messages being sent to spamd. I noticed
> | that the spam ACL examples in the 4.5 spec don't include (or even
> | mention) size checks.
>
> It's easy enough to skip SA for big messages.
>
> However, we're noticing a fair bit of spam slipping thru over our size
> threshold. Yes, we should look to see if we can up the threshold, but
> whatever the limit is, there still needs to be one, so the current setup
> may be making things a bit too easy for the spammers...
>
> Rather than simply passing the messages unscanned, it would be nice to
> show the first X kilobytes to spamd, in the hope the truncated version is
> spammy enough to get a decent score (which in most cases it will be).
> A similar idea to $message_body_visible.
>
> So, I think this is a feature request ;-)

I'd say that should be a scanner feature, not an exim one.

At worst you should fake it with a pipeline in front of the
scan package (head, dd, whatever).

- Jeremy