Re: [exim] per user spamassassin setup

Top Page
Delete this message
Reply to this message
Author: Chris Purves
Date:  
To: Graeme Fowler
CC: exim-users
Subject: Re: [exim] per user spamassassin setup
On 24/10/06, Graeme Fowler <graeme@???> wrote:
> On Tue, 2006-10-24 at 13:29 -0600, Chris Purves wrote:
> > For anyone who is interested, I was able to get exim to call
> > spamassassin according to $local_part.
> >
> > In acl_check_rcpt I added:
> >
> >   # Set variable for user to be used by spamassassin
> >   warn
> >     set acl_m0 = $local_part

>
> OK, but...
>
> > Then in acl_check_data I was able to call spamassassin:
> >
> > spam = $acl_m0
>
> This will only take the last value of acl_m0. Given that any message
> could have multiple RCPT TO: statements, with more than one you'll end
> up with this running for only the final given recipient.
>
> > This allowed me to get around not being able to use $local_part in
> > acl_check_data.
>
> Only partially!
>
> > In order for this to work, spamd be started by root. I also noticed
> > that $local_part is specified by the e-mail, not the final delivery
> > account as set in /etc/aliases, so mails to postmaster or abuse, for
> > example, will not be able to create user_pref files,etc. I am using
> > MySQL to store user/bayes/awl settings, so in my case there is no
> > problem.
>
> $local_part in the RCPT acl comes from the RCPT TO: statements and will
> change with each different one during the RCPT phase. This is what makes
> spoofing email addresses so simple, and why we're plagued with what we
> are today (in part).
>
> When you get to DATA, the multiple recipients bit is lost, so spamd only
> gets called once. For a message with a single recipient that's all well
> and good, but for two or more it's broken. By the time you can run the
> spam check (at the end of DATA), you only have the option to accept,
> reject (or fakereject), or defer the message in its' entirety and not on
> a per-user (per-RCPT) basis.
>
> Post-DATA, you can scan the message and then do what many do - if it has
> multiple RCPTs, deliver or blackhole|throw_away|filter into folder
> according to each user's spam settings. There's a million ways you can
> achieve that one!
>


I see. Everyone else's comments make a lot more sense now. I didn't
understand that during DATA the same information is used for a single
mail even if there are mutltiple rcpt to's.

It also explains why I was seeing some nonexistent users in my
spamassassin database. What I have done as a slightly improved
version of my previous attempt is to put the 'set acl_m0 =
$local_part' line inside the various accept conditions, so that now if
multiple rcpt to's exist spamassassin will run for an actual user.
Of course, if there are multiple actual accounts there could be
problems, but it's an acceptable fix for me for now.

I'll need to read up some more on exim, but thanks for your help.

--
Take care, eh.
Chris