Dave Lugo wrote:
> On Thu, 19 Oct 2006, SeattleServer.com wrote:
>
>>>Is there a way to have exim call spamassassin with the user to whom
>>>the e-mail is sent?
>>
>>Not unless your defer after every recipient in the RCPT ACL so that exim sees
>>a new copy of the message (and thus a new instance of the DATA ACL) for each
>>recipient. I really doubt you want that.
>>
>
>
> I currently do just that on a handful of vanity domains. In a low-volume
> situation, it works perfectly fine.
>
>
>>Run it through SA in the data ACL regardless. Add a header to the message if
>>you want and/or set an ACL variable with the result. Then decide whether to
>>accept or reject or filter it per-recipient in the router or whatever exim
>>hands the mail off to (maildrop, for instance). You can use the ACL variable
>>in the routers.
>>
>
>
> (I've been thinking of that as well, as the next project on my hobby
> stuff)
>
> Another way to do it...
>
> I've been considering accepting multiple rcpt_to, and setting up
> some sort of recursive loop in the DATA acl to churn through each
> rcpt's SA prefs.
>
> . If all the recipients' configs say 'accept', it's 250'd.
>
> . If all the recipients' configs say 'reject', it's 5xx'd.
>
> . If some of the recipients' configs say 'reject', 5xx it,
> AND give a detailed rejection message along the lines of:
>
> (adjust as needed for multiline responses)
>
> 550 One or more recipient addresses were unable to accept
> this message.
> REJECTED: user@???, joe@???
> ACCEPTED: frank@???
>
>
> My possibly flawed thinking runs along the lines of:
>
> . real mailing lists use VERP, and don't do multiple rcpt_to
> . stuff to multiple rcpts like this usually person-to-person,
> and they might notice the rejection
>
>
> Has anyone tried something like this?
>
Sure. Since 2006.
Works very well most of the time simply because:
- many *of our* arrivals are single-recipient anyway (over 98% here), and Exim
has an expansion variable that can tell you when not.
- multiple arrivals are nearly always delivered one domain per connection, and
a domain *may* have same/similar rules for all staff. Our busiest one DOES have.
- an AWL check for 'well known correspondents' has been recently added to
prevent rejection, even if they *might* later fail the scanning.
Accordingly a bulk-rejection for some-other-user's thresholds is seldom seen
*here*.
CAVEAT ONE:
Expect certain posters on this list to heave the odd brickbat at you if/as/when
the message you return is not to their preconceptions...
;-)
CAVEAT TWO: Our method WOULD be a major problem *elsewhere*, even with less
contentious return messages.
- Not everyone runs domain-wide preference settings.
- Not everyone has a preponderance of single-recipient traffic.
As to going further, Exim can be made more flexible, but the REAL 'Catch 22' is
the way smtp itself is sequenced:
- the MTA cannot scan a message it does not HAVE
- 'Recpt To' is only a conversation whom is to receive/not a potential message,
not yet the actual handover of said message.
- 'Recpt To' is also the last opportunity to 'cleanly' reject on a
'per-recipient' basis.
Bill