Re: [exim] spam acl condition syntax

Etusivu
Poista viesti
Vastaa
Lähettäjä: W B Hacker
Päiväys:  
Vastaanottaja: exim users
Aihe: Re: [exim] spam acl condition syntax
Stuart Gall wrote:

*snip*

>
> So can I infer that spam = X
> where X is the user of the process under which spamd is running - hmm
> that wont fly on a virtual host.
>


Flies just fine here.

Experiment with it while 'tailing' wherever spamd logs in another terminal.

Note the effect there of using 'true', OR real shell-account-holder names, OR
non-existent names w/r the euid spamd *reports* running as. PS or top may disagree.

AFAICS, the field is a 'DRGAD' on a virtual host, *except* for the effect it may
have on what (little) use spamd has for a $home directory, where it logs, dumps
error output, etc.

IOW - just hasn't seemed to matter...

>
>>Before reaching this stage, a 'warn' verb was used to set an acl
>>'flag' for
>>certain authenticated clients, etc. This also controlled skipping
>>other checks.
>>
>>And/or you can add the line something like this one:
>>
>>     !local_parts = postmaster : abuse : hostmaster

>
>
> I would love to, but I think that I cant use local_parts in the
> data_acl right ?
>


AFAIK they are available anytime after acl_smtp_recpt and persist until final
disposition (router/transport actioned).

NOT SHOWN in first port was what we DO with the (cached) spam score, on per-user
basis.. Per-user prefs are pulled by a lookup at the end of acl_smtp_recpt or
first thing in acl_smtp_predata and loaded into acl_m variables.

You might find something you can more easily adapt in these:
## note that I am leaving a spamd call in ALL of them but it only need be called
## ONCE
## you may remove that call from all but the first of whatever you use.
## note also that these do NOT use headers or reports from SA,
## you'd need to add those

=====
   # DATA_SCAN_11: Put headers in messages when score is over per-recipient limits
   #
   warn
   # logwrite    = DS11 Spam Bars $spam_score
     !condition  = ${if eq{$acl_m0}{1}}
     spam        = spamd:true
     condition   = ${if >{$spam_score_int}{${eval:$acl_m7}}{1}{0}}
     message     = X-Spam-Bars: ($spam_bar) $spam_score
     log_message = DS11 Spam Bars header added ($spam_bar) $spam_score


   # DATA_SCAN_12: Modify Subject line with *Suspect* when score is over limit
   # and prep for divert to quarantine if per-recipient pg_quarantine is set
   #
   warn
   # logwrite    = DS12 Add Suspect to subject $spam_score_int
     !condition  = ${if eq{$acl_m0}{1}}
     condition   = ${if >{$spam_score_int}{${eval:$acl_m7}}{1}{0}}
     spam        = spamd:true
     add_header  = Subject: *Suspect* $h_Subject:
     log_message = DS12 *Suspect* header added $spam_score_int


   # DATA_SCAN_13: Quarantine spam at scores above per-recipient setting
   #
   warn
   # logwrite    = DS13 X-Junk header $spam_score_int
     !condition  = ${if eq{$acl_m0}{1}}
     condition   = ${if >{$spam_score_int}{${eval:$acl_m8}}{1}{0}}
     add_header  = X-Junk: HIGHLY SUSPECT MESSAGE!
     log_message = DS13 $acl_m3 scored $spam_score spam points
     spam        = spamd:true


   # DATA_SCAN_14: Reject spam outright at scores above per-recipient SPAMLIMIT
   #
   discard
   # logwrite    = DS14 User Spam Reject $spam_score_int
     !condition  = ${if eq{$acl_m0}{1}}
     condition   = ${if >{$spam_score_int}{${eval:$acl_m9}}{1}{0}}
     message     = Classified as spam at $spam_score points
     log_message = DS14 $acl_m3 scored $spam_score spam points
     spam        = spamd:true


   # DATA_SCAN_15: Reject spam outright at scores above global SPAMLIMIT
   # even if per-recipient score is set to a higher number
   #
   discard
   # logwrite    = DS15 Global Spam Reject $spam_score_int
     !condition  = ${if eq{$acl_m0}{1}}
     condition   = ${if >{$spam_score_int}{SPAMLIMITINT}{1}{0}}
     message     = Classified as spam at $spam_score points
     log_message = D18S13 $acl_m3 scored $spam_score spam points
     spam        = spamd:true


I won't go into the use of 'discard' at this time - but there are significant
caveats, so you should research and test before use.

Bill