I reviewed some statistics recently, and found that a spamassassin check for a
missing closing boundary on MIME parts matches mail which is >99% spam and
only 3 possibly-legitimate messages that I could identify based on the
sender, recipients, sending host, and subject data.
I could simply increase the weight of the SA test, but this would cause the
messages to be bounced with an error indicating that it was spam, rather than
something that more clearly described the fact that the mail was malformed.
So I would like if possible to reject these sorts of broken messages from
exim. I looked through the mime/demime parts of the manual, but couldn't
find anything obvious. Does anybody know if this is possible?
Also, I have the following in my MIME ACL:
deny condition = ${if >{$demime_errorlevel}{2}{1}{0}}
demime = *
message = Serious MIME defect detected ($demime_reason).
log_message = MIME: Serious MIME defect detected ($demime_reason).
...however the manual indicates that the demime condition will only work in
the DATA ACL (though I've gotten no errors with the current setup). So am I
correct in assuming that I should move the above into the DATA ACL instead?
Where can I find documentation on what causes demime to return the possible
errorlevels, and what the possible return values are for $demime_reason? I
suspect that therein the answer to my problem lies...
P.S. Is the MIME ACL stuff intended as a newer full replacement for the
DEMIME stuff that I should be using instead?
Cheers,
--
Casey Allen Shobe | cshobe@??? | 206-381-2800
SeattleServer.com, Inc. |
http://www.seattleserver.com
