[exim] Prevent generation of bounces when deny-ing in acl_no…

Top Page
Delete this message
Reply to this message
Author: Colin Keith
Date:  
To: exim-users
Subject: [exim] Prevent generation of bounces when deny-ing in acl_not_smtp
Hi,

Like lots of people I've having a hard time with spammers misusing my
customer's sites and services so I decided to look into using the
acl_not_smtp and acl_not_smtp_start ACL's.

I've cracked part of my problem that of tracing the sites by using
acl_not_smtp_start to add a received header to log the site info via
${perl}. Alas while we use suexec I can't say the same for PHP and matching
spam to a source site is a pain. I embedded Perl and wrote a nice little
sub for assembling a header (I can post it if anyone wants it)


Now I'm wanting to run the mails being sent through SpamAssassin. I had
been getting the following error logged:

2009-01-16 00:26:41 1LNhE9-0002bS-Jx Error while reading message with no
usable sender address (R=1LNhE9-0002bR-HC): rejected by non-SMTP ACL: local
configuration problem

I've finally realized that this is generated because my ACL is very simple:

 acl_not_smtp       = acl_spam_scan_non_smtp


begin acl

 acl_spam_scan_non_smtp:
  deny
    log_message = BLOCKING SPAM


accept

Obviously I'm testing things here so its the simplest case, but whatever
the config if the result of the acl_not_smtp is that the message is
denied then it generates a bounce. As that too is sent locally it hits
this same ACL and so that fails producing the error message above.

Of course I can get around the bad error message by allowing the bounces
via a conditional

accept
condition = ${if match {$h_from:} {Mailer-Daemon@} }

But what I'd prefer to do is to not generate the bounce.

Is there any way from within acl_non_smtp to have exim not handle the
mail any further just as deny in an SMTP acl closes the connection?

Alternatively if its not possible then what is the best way to achieve
the same result for spam scanning a local message and rejecting it as
you can with messages received via SMTP?

Most of what I've read still works around the dunc exiscan-acl patches, yet
you can use the "spam" action in acl_not_smtp. I've seen suggestions for
delivering the mails to spam assassin in a router and then re-injecting
good messages back into exim, but if you can use "spam" in acl_not_smpt it
seems like you should be able to reject the mails there too.

I'm starting to think that the only real solution here is to add the
spam headers to the message and then to use the system filter to remove
any messages with high spam scores.

Does any one have any suggestions?

Thanks in advance, and I really did read the FAQ and googled and read a
couple of different suggested docs and configs, so if I missed it then
please include a URL to the answer.

Regards,
Colin.

what you're meant to do with spam if a rejection generates a bounce. I'm
half thinking that




--
Then graphics games came along and the computer using portion of the human race
forgot all about 500,000 years of language evolution and went straight back to
the electronic equivalent of banging rocks together - the point'n'click game
- http://www.douglasadams.com/creations/infocomjava.html