Hello,
On Wed, Aug 31, 2005 at 04:22:26PM +0100, Philip Hazel wrote:
> On Wed, 31 Aug 2005, Matthias Waffenschmidt wrote:
>
> > If the original message lacks certain headers like From: or Date: it
> > would be fine, if there is a control, whether Exim should handle the
> > reinjected mail as a locally generated one or more accuately to
> > disable submission mode.
>
> It will not treat it as local if you submit it from a trusted user and
> supply a remote IP address using -oMa, but that is very much a hack.
That's really a hack, but I like it 8-)
BTW: It does not have to be a remote IP address, 127.0.0.1 has the
same effect
> > It is very nice (using the -F option), that there now is no misleading
> > name in the From: header, but if the original sender did not enter a
> > From: line, while should I add one?
>
> Because a message without an originator field or a date is syntactically
> invalid. From RFC 2822:
>
> "The only required header fields are the origination date field and
> the originator address field(s)."
>
> Exim doesn't like sending out locally-submitted messages that are
> invalid. Sysadmins who are picky are justified in refusing messages with
> no originator fields or no date field.
I perfectly understand that point, but the fact, that it is
locally-submitted, is somewhat artifical.
> > The very same is true for the Date: header and even worse:
> > SpamAssassin adds points and claims the test MISSING_DATE has matched,
> > if there is no such header, but Exim adds the header during
> > reinjection. This may cause some confusion...
>
> Sigh. Reinjection isn't as useful for this kind of use as perhaps one
> might think.
It don't like the reinjection (via -bS or SMTP) either (another ugly
side-effect is the occurrence of two messages in the logs), but
unfortunately I don't see another possibility. I really wonder why
this questions did not raise earlier, because this method is the
standard spam-checking method (besides exiscan) that a lot of people
are using.
> > A 'control = no_submission' as a new ACL option would probably also do
> > the trick.
>
> Only if you re-inject using SMTP (*not* BSMTP) and can identify the
> reinjected messages so that you don't do this for non-reinjected
> messages. [You couldn't do this in the non-SMTP ACL because that runs
> far too late; the submission stuff has already happened.]
I see, thanks for the explanation.
> So why not submit to 127.0.0.1 anyway and have done with it? You can
> always use another port to identify reinjected messages (and reject
> anyone else who connects to the port).
That's another possibility, but I really like the -oMa option as there
is nothing else I have to change in the current setup.
Thank you very much for your help.
--
Gruss / Best regards | LF.net GmbH | fon +49 711 90074-411
Matthias Waffenschmidt | Ruppmannstr. 27 | fax +49 711 90074-33
mw@??? | D-70565 Stuttgart | http://www.lf.net