[exim] Using a pipe filter to allow or deny a message, but n…

Top Page
Delete this message
Reply to this message
Author: Kieran Simkin
Date:  
To: exim-users
Subject: [exim] Using a pipe filter to allow or deny a message, but nothing else.
Hi guys,
I've been messing around with this for a while and can't quite get it to
work. Let me first explain our system; we have exim running on a machine
which delivers mail from the internet to local users, local users also
use the same mail server to send outgoing mail (both directly from PHP
etc running on the same machine as well as remotely via authenticated
SMTP).

The problem I'm having is that I'd like a copy of every message that's
sent by one of my users (either locally or via ASMTP) to be passed to a
program on stdin, and the return code to be used to determine whether or
not to continue processing the message. If a failed return code is
received, a bounce should be generated immediately (the message should
not be deferred). The program I'm using does not perform any actual
delivery itself, I want that handled by exim in the normal way, nor does
the program modify the message at all.

The first thing I tried was a transport_filter line in my remote_smtp
transport:

remote_smtp:
driver = smtp
headers_add = "${if eq{${authenticated_id}}{} {}
{X-Authenticated-Sender: ${authenticated_id}\nX-Complaints:
abuse@???\nX-Admin: admin@???\nX-Abuse:
abuse@??? (Please include full headers in abuse reports)}}"
transport_filter = "/usr/local/symposium/bin/utils/maillimit
${authenticated_id}"

This almost does what I want, but instead of rejecting the message in
case of a failed return code, the message is deferred:

2006-02-02 02:37:58 1F4UMA-000Ne9-8d <= kieran@???
U=kieran P=local S=351
2006-02-02 02:37:58 1F4UMA-000Ne9-8d == ****@hotmail.com R=dnslookup
T=remote_smtp defer (-24): transport filter process failed (1)

The other thing I tried was a system filter:

system_filter = /usr/local/etc/exim/filter
system_filter_pipe_transport = address_pipe
system_filter_user = mailnull

/usr/local/etc/exim/filter contains the following:

# Exim Filter

unseen pipe "/usr/local/symposium/bin/utils/maillimit ${authenticated_id}"

I tried this without unseen only to find out that exim treats a pipe in
a forward file as a delivery agent (ie, it considers the message to be
delivered if the program returns no error). This is no good as I don't
particularly want to have my program pass messages back to exim (ugly
hack). After probing the filter specification deeper I learned that
return values from pipes are not available in a filter file because
message processing occurs later. This means even with "unseen", it's
impossible to write an accept/reject filter based on the return value of
a pipe.

So, how do I do it?

Any help greatly appreciated.

Best regards,

~Kieran Simkin
Digital Crocus
http://digital-crocus.com/