Re: [exim] domains contion in DATA ACL

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim-users
Subject: Re: [exim] domains contion in DATA ACL
Viktor Vislobokov wrote:

> Hi!
>
> I run into problem in Exim 4.60
>
> In exim.conf:
> ...
> domainlist antivirus_domains = lsearch;/etc/exim/antivirus_domains
> acl_smtp_data = acl_check_data
> av_scanner = clamd:/tmp/clamd
> ...
> acl_check_data:
> deny    domains       = +antivirus_domains
>         message       = Message rejected: malware found ($malware_name)
>         log_message   = Message rejected: malware found ($malware_name)
>         malware       = */defer_ok
> accept
> ...

>
> While receive a message, I have this error message in mainlog:
>
> temporarily rejected after DATA: cannot test domains condition in DATA ACL
>
>
> Can I use "domains" condition in acl_smtp_data?
> I didn't found answer for this question in spec.txt.
>
> If no, how can I solve the problem?
> Without "domains" line it is works fine, but I want to turn on antivirus
> scanner only for special domains.
>


If it is an entire source or 'from' domain you wish to select
on, simply use the acl earlier (HELO or Mail From).

If you wish to defer the action to be taken until the data
phase, set a flag in an acl-c(n) (entire connection) variable,
and test for it at the later (data) phase.

If, OTOH, it is one of your own 'incoming' destination domains
(presuming you host several), that you wish to select on, then
check the $domain portion of each incoming *message* address
against a list.

$local_part and $domain of incoming messages remains directly
available from first appearance until delivery completes.

FWIW, you should probably scan *all* incoming for WinCrobes.
The best-maintained WinBoxen still become infected. Even Mac's,
*N*X boxen, or otherwise-immune OS/2 can onpass.

HTH,

Bill