Re: [exim] Spamassassin integration

Góra strony
Delete this message
Reply to this message
Autor: Nigel Wade
Data:  
Dla: exim-users
Temat: Re: [exim] Spamassassin integration
Anthony de Boer wrote:
> I've just spent a bit of time exploring the state of spamassassin in Exim.
>
> Situation is that the majority of users are happy with Other Technical
> Means in place to reduce spam flow, but a minority would like to add
> spamassassin with per-user config files.
>
> I went straight to the Exim Specification and read the bit about SA
> support in chapter 40, but noted that all the examples had the userid
> hardcoded, and didn't give any examples of using the SA rules of the user
> getting the mail.
>
> Light dawns: this stuff is happening in a post-DATA ACL, and you may well
> have multiple RCPTs happening there, so any filtering has to be done at a
> system-default level.
>
> It might be possible to check for custom-SA-rules users at RCPT time, and
> use 4xx deferral for all but one such user, or for all custom-SA users
> while accepting mail for all the vanilla ones, such that SA can happen at
> SMTP-time. That could get hairy, would introduce retry delays since only
> one ruleset can happen per session, and is a bit beyond scope for me.
>
> http://dman13.dyndns.org/~dman/config_docs/exim-spamassassin/node12.html
> has a set of rules for piping mail through spamc and spamd on a per-user
> basis (though it looks like it may need tweaking to get the right user's
> user_prefs, and to only run for my SA users), and that looks more like
> what I'm looking for. I'm wondering if perhaps the specification should
> say something about using Exim that way, or at least not imply that
> "Content scanning at ACL time" is the only way, and meanwhile I'm
> documenting this so that hopefully the next person to go on the same
> quest uses keywords that find this thread.
>


There is (was?) a very good description of how to use both techniques in the
documentation for the old exiscan patch (which is now integrated into Exim).
Have a look at http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt, the
final part, section 6.

I employ a similar technique here to the one you are wanting to use. I scan
using a generic ruleset at receipt time. This rejects spam which is higher than
a certain score, and accepts other messages with the spam score set in an ACL
variable. Later on I have a router which checks for a users
.spamassassin/.user_prefs file. If that exists the transport for the message
sends it to SA using their rules (our mail server is capable of handling the
extra load resulting from the double scan).

It might be possible to finesse the ACL rules to reduce the load so that, if
there is only a single recipient and that recipient has their own rules, (or all
the recipients have the same "profile") you use those rules during ACL
processing rather than the default set. It's not something I've investigated
since that additional complication isn't necessary here, and I'm firmly of the
opinion that "if it ain't broke, don't fix it".

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@???
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555