Author: Phil Pennock Date: To: Leonardo Boselli CC: exim-users Subject: Re: [exim] mangling received headers in incoming mail.
On 2009-10-11 at 18:24 +0200, Leonardo Boselli wrote: > I get email for three domain on four machines.
> each one is listed as MX for the three domain, and each one has a list of
> user of every domain.
> Lower mx is the same host that has imap server and mailboxes for the
> domain, the other do accept email in case of overload for the main one.
> The fourth, that has no own domain, is used mainly to send e-mail for all.
> each user has his .spamassassin/user_conf and is han dled by the machine
> that has his mailbox.
> With this arrangemente there is a problem: the secondary mx just refuse
> e-mail for non-existing users, but pass all the other one to the main one.
> The latter then cannot test on the receive headers for ill-behaving [aka:
> spam sender] hosts.
> Is there a way to telle exim not to add an header if the message is
> received from one of secondary mx , that is now there is:
> Received from mx10 by mx20 at ....
> Received from mx20 from remote at ....
You need to scan during the SMTP transaction, so that you can reject the
message. If you accept and then scan, then either you will just be
discarding spam, as a black hole, or generating backscatter. Both are
sufficiently bad ideas that I won't assist with those.
So really, you have an architectural flaw as it stands. You might look
at how to distribute the spamassassin configuration to be available on
all machines which are listed as MX for the domain.
> Alos, there is a way to make clamav test from the first machine that get
> the message from exterior and skip on next step ?
Yes.
If you're using a "spam" condition in an ACL on DATA, then write the ACL
logic such that if the connection is from one of your own machines, you
don't do invoke the "spam" condition.
