Re: [exim] Problem with spamassassin [unsolved] :(((

Top Page
Delete this message
Reply to this message
Author: Balzi Andrea
Date:  
To: Exim, Users
Subject: Re: [exim] Problem with spamassassin [unsolved] :(((
I've the follow configuration on my acl, but sometime Spam check is not executed.
If I check the header of some mail that pass without spam check I've not found the X-Spam Headers.
This is my problem and I've not understood how can solve it.
In one previous mine mail I have sended also a debug of one mail not controlled.

The follow lines are an example of the configuration in to the local.cf of my spamassassin.

describe SPAM1 A spam mail
header SPAM1 Subject =~ /PHA[a-z]{1,5}RMACY/i
score SPAM1 5

Below you can find my ACL defined in to my exim4.conf

acl_check_rcpt:

accept hosts = :

  #Blocca le mail con HELO non valido
  drop message     = Invalid command HELO / Comando HELO non valido
       condition   = ${lookup {$sender_helo_name} \
                                     lsearch{/etc/exim4/blacklist_helo.cfg} \
                                                          {yes}{no}}
  #Blocca le mail spedite da server non nostri con i nostri domini
  deny message = Relay not permited / Relay non permesso
       sender_domains = lsearch;/etc/exim4/local_domains.cfg
       hosts = !srv-mail01


#############################################################################
# The following section of the ACL is concerned with local parts that contain
# @ or % or ! or / or | or dots in unusual places.
#

  deny    message       = Restricted characters in address / Indirizzo con caratteri non validi
          domains       = +local_domains
          local_parts   = ^[0-9] : ^[.] : ^.*[@%!/|] : lsearch;/etc/exim4/blacklist_local_parts.cfg


  deny    message       = Restricted characters in address / Indirizzo con caratteri non validi
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ : ^3D : lsearch;/etc/exim4/blacklist_local_parts.cfg


# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.

  accept  local_parts   = postmaster
          domains       = +local_domains


# Deny unless the sender address can be verified.

  require verify        = sender


  accept  hosts         = +relay_from_hosts
          control       = submission


# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted, and submission mode is set. And again, we do this
# check before any black list tests.

  accept  authenticated = *
          control       = submission


  #Indirizzi mail considerati attendibili
  accept  senders       = lsearch;/etc/exim4/whitelist_mails.cfg
          #endpass
          verify        = recipient


  #Domini mail considerati attendibili
  accept  sender_domains = lsearch;/etc/exim4/whitelist_domains.cfg
          #endpass
          verify        = recipient


  #Domini di posta considerati non attendibili
  drop    message       = mail drop because $sender_address_domain is in our blacklist / mail scartata perche\' $sender_address_domain e\' presente nella nostra blacklist
          !senders      = lsearch;/etc/exim4/whitelist_mails.cfg
          sender_domains = lsearch;/etc/exim4/blacklist_domains.cfg


  #DNSBL utenti Dialup / ADSL
  drop    message       = mail drop because $sender_host_address is in a black list at $dnslist_domain / mail scartata perche\' $sender_host_address e\' presente nella blacklist di $dnslist_domain
          !senders      = lsearch;/etc/exim4/whitelist_mails.cfg
          dnslists      = dnsbl.njabl.org : dul.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org


  #DNSBL server considerati spammer o openrelay
  drop    message       = rejected because $sender_host_address is in a black list at $dnslist_domain / mail respinta  perche\' $sender_host_address e\' presente nella blacklist di $dnslist_domain
          hosts         = ! lsearch;/etc/exim4/whitelist_hosts.cfg
          senders       = ! lsearch;/etc/exim4/whitelist_domains.cfg
          dnslists      = sbl.spamhaus.org : spam.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org


# Accept if the address is in a local domain, but only if the recipient can
# be verified. Otherwise deny. The "endpass" line is the border between
# passing on to the next ACL statement (if tests above it fail) or denying
# access (if tests below it fail).

  accept  domains       = +local_domains
          endpass
          verify        = recipient


# Accept if the address is in a domain for which we are an incoming relay,
# but again, only if the recipient can be verified.

  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient


# Reaching the end of the ACL causes a "deny", but we might as well give
# an explicit message.

  deny    message       = relay not permitted / Accesso non autorizzato



acl_check_data:

  deny message = Blacklisted file extension detected ($found_extension) / Tipologia di file non autorizzato ($found_extension)
       demime = exe:pif:bat:scr:lnk:com:reg:vbs:cmd:js:msi:dll:cpl:eml


  # Deny if the message contains a virus. Before enabling this check, you
  # must install a virus scanner and set the av_scanner option above.
  #
  deny    malware   = *
          message   = This message contains a virus ($malware_name) / Questa mail contiente un virus ($malware_name) 


  # Aggiunta degli header a tutte le mail del controllo AntiSpam
  warn  message = X-Spam-Score: $spam_score ($spam_bar)\n\
                  X-Spam-Report: $spam_report\n\
                  Subject: ***SPAM*** $h_Subject:
        hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
        spam = nobody


  # Scarto delle mail che hanno un punteggio > 12
  drop  message = This message scored $spam_score spam points.
        hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
        spam = nobody:true
        condition = ${if >{$spam_score_int}{120}{1}{0}}



accept

> -----Original Message----- # Accetta il messaggio
> From: Gordon Ross [mailto:G.Ross@ccw.gov.uk]
> Sent: lunedì 11 settembre 2006 14.09
> To: Balzi Andrea
> Subject: Re: [exim] Problem with spamassassin [unsolved] :(((
>
> >>> On 11 September 2006 at 12:58, in message
> <F0B99E4807DEE6408D336B59A00E741D654F63@???>,
> "Balzi
> Andrea" <andrea.balzi@???> wrote:
> > Sorry, I think that I've not understood.
> > I would want to make this:
> >
> > 1. deny incoming mail that appear on a DNS RBL or on our blacklist
> file, but
> > the domain, server or e-mail address that appear in our whitelists
> are
> > accepted.
> > 2. deny mail for invalid attachment
> > 3. deny mail with virus
> > 4. check mail for spam, if mail is a spam add ***SPAM*** in to the
> subject
> > header. If the spam points is greather than 12 deny mail.
>

[...]