a.smith@??? wrote:
> Hi,
>
> I´ve noticed recently that Ive been recieving spam that has not
> been spam checked. I had a look in the exim config and the logic
> controlling what is and what is not checked is the following (I
> believe):
>
> spamcheck:
> verify = false
> condition = \
> ${if !or{ \
> {eq{$received_protocol}{esmtpa}} \
> {eq{$received_protocol}{spam-scanned}} \
> } {yes} {no}}
> driver = accept
> transport = spamcheck_pipe
> headers_remove =
> X-Spam-Checker-Version:X-Spam-Score:X-Spam-Report:X-Spam-Level:X-Spam-Status:X-Spam-Flag:
>
> Actually it was originally checking for recieved_protocol asmtp in the
> if statement but I could see mail sent with authentication is actually
> listed as esmtpa in the headers so I changed it to esmtpa thinking
> this was more appropriate.
> Is the above config appropriate or should I change it? Any advise?
>
> thanks, Andy.
>
>
>
>
This router is written to ACCEPT spam, not reject it.
Rejection, if any, must be implemented elsewhere. Before this router is seen.
Preferably before routers are even entered - eg while the smtp session is still
'alive'.
That 'elsewhere' is the logic that needs reviewed.
All the above does is choose a transport and manipulate headers. Even if the
transport 'blackholes' it is too late to cleanly reject while 'in sesson'.
Ergo, absent other, better, and earlier logic in acl's you are probably
vulnerable to backscatter abuse in addition to accepting spam you do not want.
HTH,
Bill