Re: [exim] DATA ACL and conditions

Top Page
Delete this message
Reply to this message
Author: Tom Ray [Lists]
Date:  
To: Christian Gregoire
CC: exim-users
Subject: Re: [exim] DATA ACL and conditions


Christian Gregoire wrote:
> Hello,
>
> I can't get the condition option to work with DATA ACL. I have the following :
>
>   warn message          = X-Spam-Report: $spam_report
>        spam             = joe:true
>        condition        = false

>
> and still, Spamassassin gets called everytime a message arrives.
>
> Reading the manual, it seems to me that the condition option only applies AFTER Spamassassin has been called. Am I right ?
>
> Actually, I'd like the antispam filter to be called only if the use wishes to (say, if a file <user>.spam exists).
>
> Thanks in advance.
>
> Christian
>
>


Well I don't know what MTA you are using but I use Exim and I call on
Spam Assassin through a Transport. It does exactly what you are asking
for, unless they have a file called spamcheck in their folder it doesn't
run the mail through Spam Assassin. I'm also hosting virtual mail
accounts and while I haven't been able to make it work per account, I
have been able to make it work per domain with some tweaking. Here's
what I use:

# SpamAssassin
spamcheck_router:
driver = accept
no_verify
check_local_user = false
# When to scan a message :
# - it isn't already flagged as spam
# - it isn't already scanned
condition = "${if and { {!def:h_X-Spam-Flag:} {!eq
{$received_protocol}{spam-scanned}}} {1}{0}}"
require_files = /mail/${domain}/spamassassin/${local_part}/spamcheck
transport = spamcheck

This is the router I use. Each domains has a folder called spamassassin
in it. When the domain admins add/edit a mailbox in my control panel
they can check an option "Use Spam Assassin on this account" if that is
check it writes a plain text file called "spamcheck" the file doesn't
need to have anything in it, it just needs to exsist. I just have a line
that states ## Check for SPAM ## in it.

spamcheck:
    driver = pipe
    command = /usr/local/exim/bin/exim -oMr spam-scanned -bS
    use_bsmtp = true
    transport_filter = /usr/bin/spamc -u 
${lookup{$domain}lsearch*{/etc/exim/sa-list}{$value}}
    home_directory = /tmp
    current_directory = /tmp
    # must use a privileged user to set $received_protocol on the way 
back in!
    user = exim
    group = exim
    log_output = true
    return_fail_output = true
    return_path_add = false
    message_prefix =
    message_suffix =


This is the transport I use. This is where I had to so dome tweaking, I
had to created actual users on the server for SA to read from. (Although
I'm still trying to make it work per virtual user any thoughts would be
great!) However, some of my users have multiple domains and they may
want to have different SA rules per domain so I created users based on
the domain name so domain.com is associated with the user domaincom and
domain.net is associated with the user domainnet. As you can see I have
spamc run through a file that has all the users listed with their
domains in a tabbed format. I fit finds the domain in the list it runs
spamc as the associated user. So my sa-list looks like this:

domain.com<tab>domaincom
domain.net<tab>domainnet

Hope this helps.