RE: [exim] O¨Reilly Exim book useful for Exim 4?

Top Page
Delete this message
Reply to this message
Author: Herb Martin
Date:  
To: exim-users
Subject: RE: [exim] O¨Reilly Exim book useful for Exim 4?
> | > Well, what it says is "When av_scanner is correctly set,
> you can use
> | > the malware condition in the DATA ACL." Perhaps I should
> make that
> | > clearer by adding "(but not in the MIME ACL)".
> |
> | Yes -- part of the problem arises because apparently the av_scanner
> | was legal BEFORE the scanning was folded into the main product.
>
> No, it was always part of the exiscan patch.


My point was that I have seen examples of Malware in the
MIME ACL but these seem to be from the patch days.

> | Some of the examples out there indicate "decode" and "malware"
> | in the MIME ACL (unless I am very confused),
>
> I think you may be confused, at least I see no such examples
> in the documentation. "decode" is valid only in the MIME
> ACL, while malware is valid only in the DATA ACL.
>
> | and supposedly the
> | "demime" is deprecated but there doesn't seem to be a
> replacement for
> | the DATA section (like decode) so I am not sure why it would be
> | deprecated.
>
> Supposedly, everything "demime" can do can be done using the
> more general capabilities of the MIME ACL. But if it ever
> does disappear, I will sorely miss it as it is a much simpler
> and more straightforward UI for the things it does.


But that is part of the point if the MIME ACL does NOT allow
the MALWARE but the MIME ACL is supposed to replace DEMIME
(in Data ACL) then you have the case that you cannot replace
it completely.

(On can question the need for demime but that is not the same
as saying that the MIME Acl can replace "demime with malware".

> |...
> | You are correct that this point is NOT in error, just not
> as explicit
> |as it can be AND there is obsolete information in other places that
> |contradicts it.
>
> Where?


I want to make it clear that this is NOT a criticism of the older
documentation -- I learned enough to make this EXCELLENT feature
set work from such help, but such sources cannot be blamed for
later changes or my own mistakes:

Spam and Virus Scanning with Exim 4
using Exiscan and/or SA-Exim Mini-HOWTO
http://www.timj.co.uk/linux/Exim-SpamAndVirusScanning.pdf
6.2.5.2. In the MIME ACL

deny message = ...contains ... harmful content ($malware_name)
     malware = *