RE: [exim] Per-User SpamAssassin config

Top Page
Delete this message
Reply to this message
Author: Richard Hobbs
Date:  
To: 'Nigel Wade', exim-users
CC: 
Subject: RE: [exim] Per-User SpamAssassin config
Hello,

> -----Original Message-----
> From: exim-users-bounces@???
> [mailto:exim-users-bounces@exim.org] On Behalf Of Nigel Wade
> Sent: 20 July 2005 17:25
> To: exim-users@???
> Subject: Re: [exim] Per-User SpamAssassin config
>
> Richard Hobbs wrote:
> > Hello,
> >
> > I have found our latest problem - we have a mail loop!
> Here's the command
> > used to send the mail back to exim once it's been checked (I think):
> >
> > /usr/sbin/exim4 -oMr spam-scanned -bS
> >
> > And here are the router and transport in full, which I am using:
> >
> > THE ROUTER:
> > # spamassassin stuff
> > sa_router:
> >    no_verify
> >    check_local_user
> >    # When to scan a message :
> >    # - it isn't already flagged as spam from Spamassassin
> >    # - it isn't already scanned
> >    # - it isn't local
> >    # - it isn't from one internal domain user to another
> >    condition = "${if and { \
> >                          {!def:h_X-Spam-Flag:} \
> >                          {!eq {$received_protocol}{spam-scanned}} \
> >                          {!eq {$received_protocol}{local}} \
> >                          {!eq {$sender_address_domain}{$domain}} \
> >                          } \
> >                          {1}{0}}"
> >    driver    = accept
> >    transport = sa_spamcheck
> >    local_parts = /etc/spamassassinUsers
> > # end of spamassassin stuff

> >
> > THE TRANSPORT:
> > # spamassassin stuff
> > sa_spamcheck:
> >    driver = pipe
> >    command = /usr/sbin/exim4 -oMr spam-scanned -bS
> >    use_bsmtp = true
> >    transport_filter = /usr/bin/spamc
> >    home_directory = "/tmp"
> >    current_directory = "/tmp"
> >    user = spamcheck
> >    group = spamcheck
> >    log_output = true
> >    return_fail_output = true
> >    return_path_add = false
> >    message_prefix =
> >    message_suffix =
> > # end of spamassassin stuff

> >
> > Also, we are using exim-daemon-light as our MTA.
> >
> > Any ideas??
> >
> > Thanks in advance,
> > Richard.
> >
>
> Is "spamcheck" a trusted user? If not it won't be able to set
> the protocol
> on the exim command.


Trusted in what sense, exactly? The user is a system user with a home
directory, but a user with no shell (in /etc/passwd) and no password (in
/etc/shadow).

> Also, I would not skip checking if the X-Spam-Flag header is
> present. That
> means all the spammer has to do is insert this header and
> your spam checking
> will be bypassed completely.


Good point, I have revised the condition in the router, so it is now:

#   condition = "${if and { \
#                         {!eq {$received_protocol}{spam-scanned}} \
#                         {!eq {$received_protocol}{local}} \
#                         {!eq {$sender_address_domain}{$domain}} \
#                         } \
#                         {1}{0}}"


Thinking about it... Is the condition above valid? Will it actually
successfully detect mail passed back into exim using the following command:

/usr/sbin/exim4 -oMr spam-scanned -bS

Thanks,
Richard.

-- 
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Web: http://www.toshiba-europe.com/research/
Email: richard.hobbs@???
Tel: +44 1223 376964        Mobile: +44 7811 803377




_____________________________________________________________________
This e-mail has been scanned for viruses by MCI's Internet Managed Scanning Services - powered by MessageLabs. For further information visit http://www.mci.com