Autor: Magnus Holmgren Datum: To: exim-users Betreff: Re: [exim] The demine ACL rule
Wednesday 17 May 2006 12:04 skrev Dermot Paikkos: > Exim 4.5 (Debian) with SA-Exim.
>
> I have the following test in my conf/acl file
>
> deny message = Serious MIME defect detected ($demime_reason)
> demime = *
> condition = ${if >{$demime_errorlevel}{2}{1}{0}}
>
> I am by no means an expert but I strongly suspect all mail is being
> demimed.
Unless you explicitly make exceptions, that's correct.
> I would like to modify my config so that only incoming mail is
> scanned. I think I need to use a +relay_from_hosts rule.
The term "incoming" is a bit of a misnomer. To Exim, all mail is "incoming"
first, then gets routed and finally delivered, during which phase
its "outgoing". What you are talking about is more of "incoming mail from
unknown/external sources".
> Does it look like all mail is scanned. Is it possible to make this
> conditional on to a subnet? Can anyone give me some pointers on how I
> can skip scanning of local mail?
Just read chapter 39 thoroughly. But you seem to be on the right way; a simple
!hosts = +relay_from_hosts
before the "demime = *" line above should suffice, if the hostlist
relay_from_hosts has been set to your internal net, which is also the set of
hosts that is allowed to relay.
I have a sub-ACL which returns accept for authenticated users and local
networks, then use that in multiple places where known users are to be
treated differently, to make the main ACL rules simpler.