I've found anonther problem.
In to my blacklist_domain.cfg I've insert com.br but following mail has
entered, like can be seen from the main.log.
It is a problem of my configuration? Where I have mistaken?
2006-09-11 14:57:23 1GMlLk-00087l-NF <= consultoria@???
H=(host-196-205-231-113.static.link.com.eg) [196.205.231.113] P=esmtp
S=1178 T="High-quality pharmacy at your country."
2006-09-11 14:57:24 1GMlLk-00087l-NF => barbara.landone@???
F=<consultoria@???> R=special T=remote_smtp H=xxxxxxxxxxxxxxx
QT=4s
2006-09-11 14:57:24 1GMlLk-00087l-NF Completed
Andrea
> I've the follow configuration on my acl, but sometime Spam
> check is not executed.
> If I check the header of some mail that pass without spam
> check I've not found the X-Spam Headers.
> This is my problem and I've not understood how can solve it.
> In one previous mine mail I have sended also a debug of one
> mail not controlled.
>
> The follow lines are an example of the configuration in to
> the local.cf of my spamassassin.
>
> describe SPAM1 A spam mail
> header SPAM1 Subject =~ /PHA[a-z]{1,5}RMACY/i score SPAM1 5
>
> Below you can find my ACL defined in to my exim4.conf
>
> acl_check_rcpt:
>
> accept hosts = :
>
> #Blocca le mail con HELO non valido
> drop message = Invalid command HELO / Comando HELO non valido
> condition = ${lookup {$sender_helo_name} \
>
> lsearch{/etc/exim4/blacklist_helo.cfg} \
> {yes}{no}}
> #Blocca le mail spedite da server non nostri con i nostri domini
> deny message = Relay not permited / Relay non permesso
> sender_domains = lsearch;/etc/exim4/local_domains.cfg
> hosts = !srv-mail01
>
>
> ##############################################################
> ###############
> # The following section of the ACL is concerned with local
> parts that contain
> # @ or % or ! or / or | or dots in unusual places.
> #
>
> deny message = Restricted characters in address /
> Indirizzo con caratteri non validi
> domains = +local_domains
> local_parts = ^[0-9] : ^[.] : ^.*[@%!/|] :
> lsearch;/etc/exim4/blacklist_local_parts.cfg
>
> deny message = Restricted characters in address /
> Indirizzo con caratteri non validi
> domains = !+local_domains
> local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ :
> ^3D : lsearch;/etc/exim4/blacklist_local_parts.cfg
>
> # Accept mail to postmaster in any local domain, regardless
> of the source,
> # and without verifying the sender.
>
> accept local_parts = postmaster
> domains = +local_domains
>
> # Deny unless the sender address can be verified.
>
> require verify = sender
>
> accept hosts = +relay_from_hosts
> control = submission
>
> # Accept if the message arrived over an authenticated
> connection, from
> # any host. Again, these messages are usually from MUAs, so
> recipient
> # verification is omitted, and submission mode is set. And
> again, we do this
> # check before any black list tests.
>
> accept authenticated = *
> control = submission
>
> #Indirizzi mail considerati attendibili
> accept senders = lsearch;/etc/exim4/whitelist_mails.cfg
> #endpass
> verify = recipient
>
> #Domini mail considerati attendibili
> accept sender_domains = lsearch;/etc/exim4/whitelist_domains.cfg
> #endpass
> verify = recipient
>
> #Domini di posta considerati non attendibili
> drop message = mail drop because
> $sender_address_domain is in our blacklist / mail scartata
> perche\' $sender_address_domain e\' presente nella nostra blacklist
> !senders = lsearch;/etc/exim4/whitelist_mails.cfg
> sender_domains = lsearch;/etc/exim4/blacklist_domains.cfg
>
> #DNSBL utenti Dialup / ADSL
> drop message = mail drop because
> $sender_host_address is in a black list at $dnslist_domain /
> mail scartata perche\' $sender_host_address e\' presente
> nella blacklist di $dnslist_domain
> !senders = lsearch;/etc/exim4/whitelist_mails.cfg
> dnslists = dnsbl.njabl.org :
> dul.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org
>
> #DNSBL server considerati spammer o openrelay
> drop message = rejected because
> $sender_host_address is in a black list at $dnslist_domain /
> mail respinta perche\' $sender_host_address e\' presente
> nella blacklist di $dnslist_domain
> hosts = ! lsearch;/etc/exim4/whitelist_hosts.cfg
> senders = ! lsearch;/etc/exim4/whitelist_domains.cfg
> dnslists = sbl.spamhaus.org :
> spam.dnsbl.sorbs.net : sbl.spamhaus.org : whois.rfc-ignorant.org
>
> # Accept if the address is in a local domain, but only if
> the recipient can
> # be verified. Otherwise deny. The "endpass" line is the
> border between
> # passing on to the next ACL statement (if tests above it
> fail) or denying
> # access (if tests below it fail).
>
> accept domains = +local_domains
> endpass
> verify = recipient
>
> # Accept if the address is in a domain for which we are an
> incoming relay,
> # but again, only if the recipient can be verified.
>
> accept domains = +relay_to_domains
> endpass
> verify = recipient
>
> # Reaching the end of the ACL causes a "deny", but we might
> as well give
> # an explicit message.
>
> deny message = relay not permitted / Accesso non
> autorizzato
>
>
> acl_check_data:
>
> deny message = Blacklisted file extension detected
> ($found_extension) / Tipologia di file non autorizzato
> ($found_extension)
> demime = exe:pif:bat:scr:lnk:com:reg:vbs:cmd:js:msi:dll:cpl:eml
>
> # Deny if the message contains a virus. Before enabling
> this check, you
> # must install a virus scanner and set the av_scanner option above.
> #
> deny malware = *
> message = This message contains a virus
> ($malware_name) / Questa mail contiente un virus ($malware_name)
>
> # Aggiunta degli header a tutte le mail del controllo AntiSpam
> warn message = X-Spam-Score: $spam_score ($spam_bar)\n\
> X-Spam-Report: $spam_report\n\
> Subject: ***SPAM*** $h_Subject:
> hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
> spam = nobody
>
> # Scarto delle mail che hanno un punteggio > 12
> drop message = This message scored $spam_score spam points.
> hosts = ! lsearch;/etc/exim4/nospam_check_hosts.cfg
> spam = nobody:true
> condition = ${if >{$spam_score_int}{120}{1}{0}}
>
>
> accept
>
