[exim] Issues with perl + acl_smtp_data + demime

Top Page
Delete this message
Reply to this message
Author: Filippo Spike Morelli
Date:  
To: exim-users
Subject: [exim] Issues with perl + acl_smtp_data + demime
Hi,

I'm running exim 4.60-3ubuntu3.1 on ubuntu-server, dapper LTS.

Snippets from my config:

acl_smtp_mail = acl_check_mail
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
...
acl_check_mail:
...
  warn    !hosts        = +eq_trusted
          condition     = ${perl{isForbiddenEmail}{$sender_address_local_part@$sender_address_domain}}
          set acl_m4    = $sender_address_local_part@$sender_address_domain,$acl_m4
...
acl_check_data:
  deny    hosts         = !+eq_trusted
          message       = This message has been blocked by virus scanner ($malware_name was found)
          demime        = *
          malware       = *


  deny    condition     = ${if def:acl_m4{1}{0}}
          demime        = *
          condition     = ${perl{isForbidden}{$acl_m4}\
                          {/var/spool/exim4/scan/$message_id}}
          message       = Content is unacceptable


from exim.pl:

sub isForbiddenEmail {
    returns 0 or 1 depending if the email should be scanned for forbidden
    content or not


sub isForbidden {
  my ($addresses, $path) = (shift,shift);
...
  for my $file (glob "$path/*") {
    my $mm = new File::MMagic; # use internal magic file
    next if $mm->checktype_filename($file) !~ /^text\//;

    
    matches the content against some regexps and returns 0 or 1 depending on
    matches



--- The problems

1) Based on this post[1] the above should be ok to do headers checking, as they
should be dumped to the .eml file as part of the demime process. Unfortunately
that doesnt appear to be the case. I've added logging options to the perl
function (see question 2) and all I can see is a .com file which only contains
the body, no headers. Can anybody point out what's wrong with my settings and
how demime works? is it comparable to mimedecode?

2) Unfortunately I've got problems with logging itself. All I've added is a file
open and a few print statements to the isForbidden function, but they are never
executed when sending emails, altho they work fine if I run an exim4 -bhc $ip
test. I am sure the function is executed as if I input some forbidden pattern I
get an error message. Can anybody explain this behavior?

3) Can you suggest a better debugging strategy for content scanning/perl code?

Thanks in advance,

regards,

Spike

[1] http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050829/msg00248.html

--
#370 +(982)- [X]
<Beeth> Progress (n.): The process through which the Internet has evolved from
<Beeth> smart people in front of dumb terminals to dumb people in front of smart
<Beeth> terminals.