I've just spent a bit of time exploring the state of spamassassin in Exim.
Situation is that the majority of users are happy with Other Technical
Means in place to reduce spam flow, but a minority would like to add
spamassassin with per-user config files.
I went straight to the Exim Specification and read the bit about SA
support in chapter 40, but noted that all the examples had the userid
hardcoded, and didn't give any examples of using the SA rules of the user
getting the mail.
Light dawns: this stuff is happening in a post-DATA ACL, and you may well
have multiple RCPTs happening there, so any filtering has to be done at a
system-default level.
It might be possible to check for custom-SA-rules users at RCPT time, and
use 4xx deferral for all but one such user, or for all custom-SA users
while accepting mail for all the vanilla ones, such that SA can happen at
SMTP-time. That could get hairy, would introduce retry delays since only
one ruleset can happen per session, and is a bit beyond scope for me.
http://dman13.dyndns.org/~dman/config_docs/exim-spamassassin/node12.html
has a set of rules for piping mail through spamc and spamd on a per-user
basis (though it looks like it may need tweaking to get the right user's
user_prefs, and to only run for my SA users), and that looks more like
what I'm looking for. I'm wondering if perhaps the specification should
say something about using Exim that way, or at least not imply that
"Content scanning at ACL time" is the only way, and meanwhile I'm
documenting this so that hopefully the next person to go on the same
quest uses keywords that find this thread.
--
Anthony de Boer
