Author: Ruediger Hahn Date: To: Exim-users Subject: [exim] Bouncing spam or virus mails
Hi all,
I am having a problem preventing Exim from backscattering.
Following is my current scenario:
1. Exim receives an email from a remote server
2. Exim delivers the email to Amavisd-new for spam/virus checking
3. Amavisd-new sends the email back to Exim, for spam mails with headers
like X-Spam-Level: X-Spam-Flag: etc.
4. Exim finally delivers the email to Cyrus IMAP Daemon, so that a user
is able to check its content (I do this with "plus-addressing",
something like "username+Spam@???").
5. Now the problem: If the mailbox does not exist, the email is bounced
back to Exim.
6. Exim now again sends the email to Amavisd-new, but it seems, that
Amavis doesn't recognize it as spam any more because of the "A message
that you sent could not be delivered to one ore more of its
recipients...blablabla" content and also by the fact it is coming from
internal network.
7. Amavisd-new sends the email back to Exim, checked virus and spam free
8. Exim at the end sends a backscatter email
My problem is now, that I don't want to bounce emails which are
definitely spam, for example with a spam score above 9.
What doesn't work for me is setting the "sa_dsn_cutoff_level" within
Amavisd-new. I am not really sure what this setting is good for, but for
my purposes, it doesn't work.
So I thought I could solve this problem within Exim at [8]., but I
couldn't find a solution for this until now. It think it should be
something like
I. find out if it is a bounce mail created from localhost
II. If so, find out the spam level in the header of the original email
created at [3].
III. If spam level is above a certain value, discard the email, else
deliver it.