[exim] need help getting relay_host processed through spamas…

Pàgina inicial
Delete this message
Reply to this message
Autor: sphen
Data:  
A: exim-users
Assumpte: [exim] need help getting relay_host processed through spamassassin

hi there-

new to really editing exim settings beyond simple configuration changes. but
i had a quick question. i have a standard cpanel install which includes
exim and spam assassin. i have some domains email being filtered through
postini and others that are not. the ones that are get received by exim on
a different i address that is locked down not to accept anything from anyone
but postini - and postini is also listed as a relay host to allow
reinjection. the problem though is that somehwhere within the exim config
the email from postini is being trusted and is not scanned again - the
problem is that postini isnt perfect and i want to filter a few things by
header etc in spamassassin. i woudl think it would have to do with
something with the "check_message" filter but am not sure of what change i
need to make. the config section referred to is below:

########################################################################################
# DO NOT ALTER THIS BLOCK
########################################################################################
#
# cPanel Default ACL Template Version: 5.9
# Template: mailman2.dist
#
########################################################################################
# DO NOT ALTER THIS BLOCK
########################################################################################

acl_mail:

# ignore authenticated hosts
    accept authenticated = *


# ignore pop before smtp 
    accept  condition = ${if
match_ip{$sender_host_address}{iplsearch;/etc/relayhosts}{1}{${if
eq{$sender_host_address}{127.0.0.1}{1}{0}}}}
    accept hosts = +relay_hosts



[% ACL_MAIL_BLOCK %]

    accept



acl_connect:
[% ACL_CONNECT_BLOCK %]

# do not change the comment in the line below, it is required for
/usr/local/cpanel/bin/check_exim_config
#acl_smtp_notquit is required for this to work (exim 4.68)
    accept


acl_notquit:
[% ACL_NOTQUIT_BLOCK %]


#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.

[% ACL_RATELIMIT_BLOCK %]

accept hosts = :

accept hosts = +skipsmtpcheck_hosts


  # Accept bounces to lists even if callbacks or other checks would fail
  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}} \
                {yes}{no}}



  # Accept bounces to lists even if callbacks or other checks would fail
  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}}
\
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}}
\
                {yes}{no}}


  #if it gets here it isn't mailman
# deny must be on the same line as hosts so it will get removed by
buildeximconf if turned off
   deny  hosts = ! +senderverifybypass_hosts
        ! verify = sender/callout=60s


  accept  hosts = *
          authenticated = *



  #if they poped before smtp we just accept
  accept  condition = ${if
match_ip{$sender_host_address}{iplsearch;/etc/relayhosts}{1}{${if
eq{$sender_host_address}{127.0.0.1}{1}{0}}}}
          add_header = ${if
exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}{}}


  accept  hosts = +relay_hosts
          add_header = ${if
exists{/etc/eximpopbeforesmtpwarning}{${perl{popbeforesmtpwarn}{$sender_host_address}}{}}


#recipient verifications are now done after smtp auth and pop before smtp
so the users get back bounces instead of
# a clogged outbox in outlook

[% ACL_WHITELIST_BLOCK %]

[% ACL_RBL_BLOCK %]

[% ACL_TRUSTEDLIST_BLOCK %]

[% ACL_MAILAUTH_BLOCK %]

[% ACL_PRE_RECP_VERIFY_BLOCK %]

#recipient verifications are required for all messages that are not sent to
the local machine
  #this was done at multiple users requests
  require verify = recipient
    message = "The recipient cannot be verified.  Please check all
recipients of this message to verify they are valid.  Details:
$acl_verify_message"




# The only problem with this setup is that if the message is for multiple
users on the same server
# and they are on different unix accounts, the settings for the first
recipient which has spamassassin enabled will be used.
# This shouldn't be a problem 99.9% of the time, however its a very small
price to pay for a massive speed increase.
  warn  domains = ! ${primary_hostname} : +local_domains
         condition = ${if <= {$message_size}{[% ACL_MAX_SPAM_SCAN_SIZE
%]K}{${if eq {${acl_m0}}{1}{0}{${if
exists{/etc/global_spamassassin_enable}{1}{${if
exists{${extract{5}{:}{${lookup{${lookup{$domain}lsearch*{/etc/userdomains}{$value}}}lsearch{/etc/passwd}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}}
         set acl_m0    = 1
         set acl_m1    =
${lookup{$domain}lsearch*{/etc/userdomains}{$value}}


  warn  domains = ${primary_hostname}
          condition = ${if <= {$message_size}{[% ACL_MAX_SPAM_SCAN_SIZE
%]K}{${if eq {${acl_m0}}{1}{0}{${if
exists{/etc/global_spamassassin_enable}{1}{${if
exists{${extract{5}{:}{${lookup{$local_part}lsearch{/etc/passwd}{$value}}}}/.spamassassinenable}{1}{0}}}}}}}{0}}
          set acl_m0    = 1
          set acl_m1    = $local_part



accept domains = +relay_domains

  deny    message = $sender_fullhost is currently not permitted to \
                        relay through this server. Perhaps you \
                        have not logged into the pop/imap server in the \
                        last 30 minutes or do not have SMTP Authentication
turned on in your email client.



#!!# ACL that is used after the DATA command
check_message:
# Enabling this will make the server non-rfc compliant
# require verify = header_sender
accept hosts = 127.0.0.1 : +relay_hosts

  accept  hosts = *
          authenticated = *


  warn
    condition = ${if eq {${acl_m0}}{1}{1}{0}}
    spam =  ${acl_m1}/defer_ok
    log_message = "SpamAssassin as ${acl_m1} detected message as spam
($spam_score)"
    add_header = X-Spam-Subject: [% ACL_SPAM_HEADER %] $h_subject
    add_header = X-Spam-Status: Yes, score=$spam_score
    add_header = X-Spam-Score: $spam_score_int
    add_header = X-Spam-Bar: $spam_bar
    add_header = X-Spam-Report: $spam_report
    add_header = X-Spam-Flag: YES
    set acl_m2 = 1


  warn
      condition =  ${if eq {$spam_score_int}{}{0}{${if <=
{${spam_score_int}}{8000}{${if >=
{${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}


warn
condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
add_header = X-Spam-Status: No, score=$spam_score
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Flag: NO
log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam
($spam_score)"

[% ACL_RATELIMIT_SPAM_BLOCK %]

[% ACL_SPAM_BLOCK %]

accept


i tried removing the relay_host part of this line but didnt affect anything:
accept hosts = 127.0.0.1 : +relay_hosts

if i do pull postini's ip block out of the relay host file i have set up the
email is processed by spam assassin. any ideas? thanks!
--
View this message in context: http://www.nabble.com/need-help-getting-relay_host-processed-through-spamassassin-tp22442309p22442309.html
Sent from the Exim Users mailing list archive at Nabble.com.