Re: [exim] Deliver mail to another file if quota is full

Top Page
Delete this message
Reply to this message
Author: Bernd Kuhls
Date:  
To: exim-users
Subject: Re: [exim] Deliver mail to another file if quota is full
Phil Pennock wrote:
> On 2007-06-07 at 19:40 +0200, Bernd Kuhls wrote:
>> here we have a policy not to bounce any mail.
>>
>> Appendfile delivery takes place to /home/${local_part}/.imap_mail/inbox
>> If the user is over filesystem quota, the mail should be
>> stored in /var/mail/${local_part} instead.
>
> So to only try delivery to /home/${local_part}/.imap_mail/inbox once,
> use:
> condition = ${if first_delivery}


Hi,

after several hours trying to get it to work without success I admit I
should have posted a copy of the current Exim configuration at first
place;-)

Our setup is a bit more advanced like I originally stated.

Normal inbox: $HOME/.imap_mail/inbox

User can optionally enable a spam check of incoming mails.

Exim router: user_SPAMscan, require_files = ${home}/.mta_spamscan
If $HOME/.mta_spamscan exists, the mail is scanned, tags with the result
added and the mail stored in normal inbox.

Exim router: user_SPAMstore, require_files = ${home}/.mta_spamstore
If $HOME/.mta_spamstore exists, the mail is scanned, tags with the
result added and spam mails are stored in $HOME/.imap_mail/Spam.
Non-spam is stored in normal inbox.

Same is valid for virus scanning:
Exim router: user_VIRUSscan, require_files = ${home}/.mta_virusscan
If $HOME/.mta_virusscan exists, the mail is scanned, tags with the
result added and the mail stored in normal inbox.

Exim router: user_VIRUSstore, require_files = ${home}/.mta_virusstore
If $HOME/.mta_virusstore exists, the mail is scanned, tags with the
result added and virus mails are stored in $HOME/.imap_mail/Virus.
Non-spam is stored in normal inbox.

Exim router user_VIRUSandSPAMscan to do a combined spam+virus scan also
exists, but it works the same way as described above.

Scanning takes place by using external scripts (not my design choice,
but I do not like to change a running system) and re-injecting the
resulting mail using

/usr/sbin/sendmail -f "${SENDER}" "${RECIPIENT}" < ${TMPFILE}

During my tests a virus/spam check did not take place (confirmed by exim
-d -v), so spam+virus checks should IMHO not be the source of my
problems, at least at the moment...

In an over-quota situation all mails should be written to
/var/mail/$user to avoid bounces, so users lose the function to keep
their inbox clean of spam and viruses. But thats their own fault;-)

Providing spam/virus checks + storing positives outside inbox is the
reason I am not able to store all incoming mails to /var/mail/$user.
Another idea would be to store spam in /var/mail/$user.spam and virus
mails in /var/mail/$user.virus, but my IMAP server (uw-imap like
snarfing-patched Dovecot) is only able to snarf one IMAP mailbox per user.

Now I tried to implement your idea to use condition first_delivery to
deliver to /var/mail/$user after the first deliver attempt failed but it
does not work, bounce mails are still produced. Weirdly enough in rare
cases a mail to an over-quota user hit /var/mail/$user, but only after
restarting Exim when a mail was in queued state. But I do not know why
this happens only when restarting Exim and not during normal usage.

I will therefore post the routers, transports and retry sections of my
exim config file in the hope that someone can point me to the error.

All first_delivery settings were added today, are completely without any
effect, Exim behaves like being used without it. The quota entry in the
retry section, the router user_var_mail and the transport inbox_var_mail
were also added today.

Greetings and thanks in advance, Bernd Kuhls


> SCANNER_TOKEN = 987asf@${primary_hostname}
>
> begin routers
>
> local:
> driver = redirect
> domains = ! ${primary_hostname} : +local_domains
> #
> data = ${local_part}@${primary_hostname}
>
> direct:
> driver = manualroute
> domains = ! +local_domains
> transport = smtp
> route_data = ${lookup{${domain}}partial-lsearch{/etc/exim4/Maps/direct}}
> host_find_failed = freeze
>
> smart_host:
> driver = manualroute
> domains = ! +local_domains
> transport = smtp
> #
> route_list = * SMART_HOST
>
> system_aliases:
> driver = redirect
> user = exim
> #
> data = ${lookup{${local_part}}lsearch{/etc/exim4/Aliases}}
> file_transport = file
> pipe_transport = pipe
> allow_defer = true
> allow_fail = true
>
> user_VIRUSandSPAMscan:
>   driver = accept
>   address_test = false
>   check_local_user
>   initgroups = true
>   require_files = "${home}/.mta_virusscan : ${home}/.mta_spamscan"
>   condition = "${if and { { ! match {$h_x-virus-scanned:} {(?i)SCANNER_TOKEN} } \
>                   { ! match {$h_x-spam-scanned:} {(?i)SCANNER_TOKEN} } \
>                   { first_delivery } } }"
>   verify = false
>   expn = false
>   transport = user_VIRUSandSPAMscan

>
> user_VIRUSscan:
>   driver = accept
>   address_test = false
>   check_local_user
>   initgroups = true
>   require_files = ${home}/.mta_virusscan
>   condition = "${if and { { ! match {$h_x-virus-scanned:} {(?i)SCANNER_TOKEN} } \
>                   { first_delivery } } }"
>   verify = false
>   expn = false
>   transport = user_VIRUSscan

>
> user_SPAMscan:
>   driver = accept
>   address_test = false
>   check_local_user
>   initgroups = true
>   require_files = ${home}/.mta_spamscan
>   condition = "${if and { { ! match {$h_x-spam-scanned:} {(?i)SCANNER_TOKEN} } \
>                   { first_delivery } } }"
>   verify = false
>   expn = false
>   transport = user_SPAMscan

>
> user_VIRUSstore:
>   driver = accept
>   address_test = false
>   check_local_user
>   initgroups = true
>   require_files = ${home}/.mta_virusstore
>   condition = "${if and { { match {$h_x-virus-found:} {(?i)yes.*} } \
>                   { first_delivery } } }"
>   verify = false
>   expn = false
>   transport = user_VIRUSstore

>
> user_SPAMstore:
>   driver = accept
>   address_test = false
>   check_local_user
>   initgroups = true
>   require_files = ${home}/.mta_spamstore
>   condition = "${if and { { match {$h_x-spam-flag:} {(?i)yes.*} } \
>                   { first_delivery } } }"
>   verify = false
>   expn = false
>   transport = user_SPAMstore

>
> user:
> headers_add = ${if !def:header_date:{Date: $tod_full}{}}
> driver = accept
> check_local_user
> condition = ${if first_delivery}
> transport = inbox
>
> user_var_mail:
> driver = accept
> check_local_user
> headers_add = ${if !def:header_date:{Date: $tod_full}{}}
> transport = inbox_var_mail
>
> real_user:
> driver = accept
> check_local_user
> local_part_prefix = "real-"
> transport = inbox
> cannot_route_message = "Unknown local-part \"${local_part}\" in domain \"${domain}\"."
>
>
> begin transports
>
> inbox:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
> group = mail
> file = /home/${local_part}/.imap_mail/inbox
> check_owner = true
> mode = 0600
>
> inbox_var_mail:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
> group = mail
> file = /var/mail/${local_part}
> check_owner = true
> mode = 0600
>
> user_VIRUSandSPAMscan:
> driver = pipe
> headers_remove = "x-virus-scanned:x-virus-found:x-spam-scanned"
> headers_add = "X-Virus-Scanned: SCANNER_TOKEN\nX-Spam-Scanned: SCANNER_TOKEN"
> command = "/etc/exim4/Bin/virus+spamscan SCANNER_TOKEN"
> timeout = 2m
> timeout_defer = true
> temp_errors = 1:2:73:75
> log_output = true
> umask = 066
> use_shell = true
>
> user_VIRUSscan:
> driver = pipe
> headers_remove = "x-virus-scanned:x-virus-found"
> headers_add = "X-Virus-Scanned: SCANNER_TOKEN"
> command = "/etc/exim4/Bin/virusscan SCANNER_TOKEN"
> timeout = 1m
> timeout_defer = true
> temp_errors = 1:2:73:75
> log_output = true
> umask = 066
> use_shell = true
>
> user_SPAMscan:
> driver = pipe
> headers_remove = "x-spam-scanned"
> headers_add = "X-Spam-Scanned: SCANNER_TOKEN"
> command = "/etc/exim4/Bin/spamscan SCANNER_TOKEN"
> timeout = 2m
> timeout_defer = true
> temp_errors = 1:2:73:75
> log_output = true
> umask = 066
> use_shell = true
>
> user_VIRUSstore:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
> initgroups = true
> file = $home/.imap_mail/Virus
> check_owner = true
> allow_symlink = true
> mode = 0600
>
> user_SPAMstore:
> driver = appendfile
> delivery_date_add
> envelope_to_add
> return_path_add
> initgroups = true
> file = $home/.imap_mail/Spam
> check_owner = true
> allow_symlink = true
> mode = 0600
>
> smtp:
> driver = smtp
> connect_timeout = 2m
> command_timeout = 2m
> data_timeout = 2m
> final_timeout = 2m
>
>
> begin retry
>
> # Address or Domain    Error       Retries
> *                      quota
> *                      *           F,2h,15m; F,24h,1h; F,5d,4h