I've the follow configuration on my acl, but sometime Spam check is not executed.
If I check the header of some mail that pass without spam check I've not found the X-Spam Headers.
This is my problem and I've not understood how can solve it.
In one previous mine mail I have sended also a debug of one mail not controlled.
The follow lines are an example of the configuration in to the local.cf of my spamassassin.
describe SPAM1 A spam mail
header SPAM1 Subject =~ /PHA[a-z]{1,5}RMACY/i
score SPAM1 5
Below you can find my ACL defined in to my exim4.conf
acl_check_rcpt:
accept hosts = :
#Blocca le mail con HELO non valido
drop message = Invalid command HELO / Comando HELO non valido
condition = ${lookup {$sender_helo_name} \
lsearch{/etc/exim4/blacklist_helo.cfg} \
{yes}{no}}
#Blocca le mail spedite da server non nostri con i nostri domini
deny message = Relay not permited / Relay non permesso
sender_domains = lsearch;/etc/exim4/local_domains.cfg
hosts = !srv-mail01
#############################################################################
# The following section of the ACL is concerned with local parts that contain
# @ or % or ! or / or | or dots in unusual places.
#
deny message = Restricted characters in address / Indirizzo con caratteri non validi
domains = +local_domains
local_parts = ^[0-9] : ^[.] : ^.*[@%!/|] : lsearch;/etc/exim4/blacklist_local_parts.cfg
deny message = Restricted characters in address / Indirizzo con caratteri non validi
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ : ^3D : lsearch;/etc/exim4/blacklist_local_parts.cfg
# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.
accept local_parts = postmaster
domains = +local_domains
# Deny unless the sender address can be verified.
require verify = sender
accept hosts = +relay_from_hosts
control = submission
# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted, and submission mode is set. And again, we do this
# check before any black list tests.
accept authenticated = *
control = submission
#Indirizzi mail considerati attendibili
accept senders = lsearch;/etc/exim4/whitelist_mails.cfg
#endpass
verify = recipient
#Domini mail considerati attendibili
accept sender_domains = lsearch;/etc/exim4/whitelist_domains.cfg
#endpass
verify = recipient
#Domini di posta considerati non attendibili
drop message = mail drop because $sender_address_domain is in our blacklist / mail scartata perche\' $sender_address_domain e\' presente nella nostra blacklist
!senders = lsearch;/etc/exim4/whitelist_mails.cfg
sender_domains = lsearch;/etc/exim4/blacklist_domains.cfg
#DNSBL utenti Dialup / ADSL
drop message = mail drop because $sender_host_address is in a black list at $dnslist_domain / mail scartata perche\' $sender_host_address e\' presente nella blacklist di $dnslist_domain
!senders = lsearch;/etc/exim4/whitelist_mails.cfg
dnslists = dnsbl.njabl.org : dul.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org
#DNSBL server considerati spammer o openrelay
drop message = rejected because $sender_host_address is in a black list at $dnslist_domain / mail respinta perche\' $sender_host_address e\' presente nella blacklist di $dnslist_domain
hosts = ! lsearch;/etc/exim4/whitelist_hosts.cfg
senders = ! lsearch;/etc/exim4/whitelist_domains.cfg
dnslists = sbl.spamhaus.org : spam.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org
# Accept if the address is in a local domain, but only if the recipient can
# be verified. Otherwise deny. The "endpass" line is the border between
# passing on to the next ACL statement (if tests above it fail) or denying
# access (if tests below it fail).
accept domains = +local_domains
endpass
verify = recipient
# Accept if the address is in a domain for which we are an incoming relay,
# but again, only if the recipient can be verified.
accept domains = +relay_to_domains
endpass
verify = recipient
# Reaching the end of the ACL causes a "deny", but we might as well give
# an explicit message.
deny message = relay not permitted / Accesso non autorizzato
acl_check_data:
deny message = Blacklisted file extension detected ($found_extension) / Tipologia di file non autorizzato ($found_extension)
demime = exe:pif:bat:scr:lnk:com:reg:vbs:cmd:js:msi:dll:cpl:eml
# Deny if the message contains a virus. Before enabling this check, you
# must install a virus scanner and set the av_scanner option above.
#
deny malware = *
message = This message contains a virus ($malware_name) / Questa mail contiente un virus ($malware_name)
# Aggiunta degli header a tutte le mail del controllo AntiSpam
warn message = X-Spam-Score: $spam_score ($spam_bar)\n\
X-Spam-Report: $spam_report\n\
Subject: ***SPAM*** $h_Subject:
hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
spam = nobody
# Scarto delle mail che hanno un punteggio > 12
drop message = This message scored $spam_score spam points.
hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
spam = nobody:true
condition = ${if >{$spam_score_int}{120}{1}{0}}
accept
> -----Original Message----- # Accetta il messaggio
> From: Gordon Ross [mailto:G.Ross@ccw.gov.uk]
> Sent: lunedì 11 settembre 2006 14.09
> To: Balzi Andrea
> Subject: Re: [exim] Problem with spamassassin [unsolved] :(((
>
> >>> On 11 September 2006 at 12:58, in message
> <F0B99E4807DEE6408D336B59A00E741D654F63@???>,
> "Balzi
> Andrea" <andrea.balzi@???> wrote:
> > Sorry, I think that I've not understood.
> > I would want to make this:
> >
> > 1. deny incoming mail that appear on a DNS RBL or on our blacklist
> file, but
> > the domain, server or e-mail address that appear in our whitelists
> are
> > accepted.
> > 2. deny mail for invalid attachment
> > 3. deny mail with virus
> > 4. check mail for spam, if mail is a spam add ***SPAM*** in to the
> subject
> > header. If the spam points is greather than 12 deny mail.
>
[...]
