Hi,
I know there have been numerous questions about exim acls in the past,
and I have searched through many of them. I have also read the exiscan
acl spec located here:
http://duncanthrax.net/exiscan-acl/exiscan-acl-spec.txt. I thought I
understood how the process for limiting the number of mime parts per
email worked, but perhaps I am wrong because in testing, I can still
successfully send emails to myself with a number of attachments
greater than what is set by the acl.
Here are the 2 steps I have taken. On one hand I hope I have not
overlooked something incredibly obvious while trying to set this up,
and on the other hand, I kinda of hope I have.
First I added "acl_smtp_mime = mime_part_count" (without the quotes)
to exim.conf, in between "acl_smtp_rcpt = check_recipient" and
"acl_smtp_data = check_message", as the spec says that acl_smtp_mime
is called just before the acl_smtp_data ACL. Seemed logical to me:
# head -15 /etc/exim.conf | grep -v ^#
acl_smtp_rcpt = check_recipient
acl_smtp_mime = mime_part_count
acl_smtp_data = check_message
(newlines removed)
Second, I added the following to exim.conf in between the
"check_recipient:" and "check_message": sections:
mime_part_count:
deny
condition = ${if >{$mime_part_count}{5}{yes}{no}}
message = Too many MIME parts (max 5)
log_message = DENY: MIME Error (Too many MIME parts: $mime_part_count)
(I have also tried several variants of that acl as found via google
and in the exim-users archives. The examples do not vary much, however
- a 1 instead of "yes", a 0 instead of "no". One example had a
"!$content_rfc822" line or something similiar that I removed).
The problem is, I then log into webmail and successfully send myself
emails with more than 5 attachments. I can verify there are no
problems mainly because I can receive the email, but there are also no
"Too many MIME parts" messages in /var/log/exim_*. The attachments I
tried first were 0k text files, then I tried several pngs with an html
file and a small sized text file.
I have to admit I am not nearly as familiar with exim as I'd like to
be at this point. I did search for "mime" in /etc/*exim* and came
across the demime line in /etc/exim.conf.mailman2.exiscan.dist, which
I noticed also has an acl section, so I tried the acl lines in there
as well (but not in both exim.conf.mailman2.exiscan.dist and exim.conf
at the same time).
Since I am fairly confident that I have set up the rules correctly, I
am guessing at this point that exiscan is not being called due to the
following:
- It is ONLY called if the message has a MIME-Version header.
However, looking at the headers of the latest test email in Thunderbird, I see:
MIME-Version: 1.0
Content-Type: multipart/mixed;boundary="---_20050727172346_84535"
If anyone has any suggestions, I would sincerely appreciate it. If I
have grossly overlooked something in the documentation, I'll be glad
to re read the documentation again. Thanks.
