Re: [exim] Still Trying to Figure Out Spam Settings..

Top Page
Delete this message
Reply to this message
Author: Brian Spraker
Date:  
To: exim-users
Subject: Re: [exim] Still Trying to Figure Out Spam Settings..
Hi Mike,

I indeed found the solution to the problem.

My dilemma had many moving pieces. Since I have aliases setup for some users, I

didn't want e-mails sent to aliases to get by the spam-checking. The aliases
table I have only contains the alias e-mail address and the real mailbox that it

points to.

The other table is the users table - which has the real e-mail address (or login

ID), mailbox path, spam settings, amongst many other things.

Cruising through Google, I stumbled across someone with the exact same issue -
minus the problem with the aliases - so I had to figure that out myself.

Here is what I came up with as I'd like to share my solution with the board.

in the acl_check_rcpt routine, this was added:

# Lines below sets the recipient e-mail address to acl_m0 and if the address
is an alias, it will set the real user account to acl_m7
require set acl_m0 = ${local_part}@${domain}
require set acl_m7 = ${lookup mysql{SELECT login FROM aliases WHERE
alias="${acl_m0}"}}
# Now, if acl_m7 is not empty (meaning the recipient is an alias), acl_m0 is
set to the real user account
require set acl_m0 = ${if !eq{$acl_m7}{}{$acl_m7}{$acl_m0}}

# Lines below gets the spam_flag setting from the user for checking. If more
than one recipient with a different spam_flag number, defer
require set acl_m1 = ${lookup mysql{SELECT spam_flag FROM horde_users WHERE
user_uid="${acl_m0}"}}

  defer
    message = Spam Threshold Mismatch
    condition = ${if and{{def:acl_m2}{!={$acl_m1}{$acl_m2}}}}


require set acl_m2 = $acl_m1

# Lines below gets the spam_delete setting from the user for checking. If
more than one recipient with a different spam_delete number, defer
require set acl_m3 = ${lookup mysql{SELECT spam_delete FROM horde_users WHERE
user_uid="${acl_m0}"}}

  defer
    message = Spam Delete Mismatch
    condition = ${if and{{def:acl_m4}{!={$acl_m3}{$acl_m4}}}}


require set acl_m4 = $acl_m3

# Lines below will automatically accept if the user has spam filtering
disabled. If more than one recipient with different spam settings, defer
require set acl_m5 = ${lookup mysql{SELECT spam_enable FROM horde_users WHERE
user_uid="${acl_m0}"}}

  defer
    message = Spam Checking Mismatch
    condition = ${if and{{def:acl_m6}{!eq{$acl_m5}{$acl_m6}}}}


require set acl_m6 = $acl_m5

# Set the values to the default values if the values cannot be looked up
(alias account points to an e-mail address not on my system).
require set acl_m2 = ${if eq{$acl_m2}{}{45}{$acl_m2}}
require set acl_m4 = ${if eq{$acl_m4}{}{53}{$acl_m4}}
require set acl_m6 = ${if eq{$acl_m6}{}{Y}{$acl_m6}}

  # Lastly, accept the e-mail without blacklist, SPF, and other rcpt checks if 
the user has disabled spam checking on their account
  accept
    condition = ${if eq{$acl_m6}{N}}




This section was then added to the acl_check_data routine (virus checking is
first before these lines; not going to let viruses get through):

  # Will accept if the user has disabled spam checking
  accept
    condition = ${if eq{$acl_m6}{N}}


  # Deny/Check for Spam
   warn
     spam = Debian-exim:true
     message = X-Spam_score:  $spam_score\n\
               X-Spam_report: $spam_report
     condition = ${if <{$spam_score_int}{$acl_m4}}


   warn
     spam = Debian-exim:true
     message = Subject: SPAM SCORE: $spam_score $h_Subject
     condition = ${if >{$spam_score_int}{$acl_m2}}


   deny
     spam = Debian-exim:true
     message = E-mail cannot be delivered: $spam_score spam points. $h_Subject
     condition = ${if >{$spam_score_int}{$acl_m4}}



Maybe some other folks can use this for their uses as well. I use the Horde
Groupware system along with Exim - so the database stuff is based on that.

Brian S.
BsnTech Networks





----- Original Message ----
From: Mike Cardwell <exim-users@???>
To: exim-users@???
Sent: Fri, October 22, 2010 5:40:28 AM
Subject: Re: [exim] Still Trying to Figure Out Spam Settings..

On 21/10/2010 23:49, Brian Spraker wrote:

> I posted a bit back about trying to figure out how I can allow users to modify



> their own spam settings.
>
> A database is setup with three fields - 'spam_enable', 'spam_flag', and
> 'spam_delete'.
>
> under acl_check_rcpt, this has been added - and it does work appropriately
> (because this occurs with each "rcpt to" command and can reject recipients):
>
> accept
> condition = ${if eq{${lookup mysql{SELECT spam_enable FROM users WHERE
> account="${local_part}@${domain}"}}}{N}}
>
> The above condition checks to see if the user has the 'spam_enable' feature set
>
>
> to "N" for No. If so, then it will accept the mail and skip checking
>blacklists
>
> and such.
>
> The same line was added into the acl_check_data area.
>
> However, as another newsgroup member posted, the ${local_part} and ${domain} do
>
>
> not work here - because the possibility of having multiple recipients.
>
> This is also causing a snag in the same area (acl_check_data) where I'm not
>able
>
> to pull the spam_flag and spam_delete values. The spam_flag item is the
> user-set threshold that will just flag the e-mail as spam in the subject line.
>
>
> The spam_delete item is the user-set threshold that will delete the mail.
>
> So, I basically am wondering if there is some kind of way - like a while loop -
>
>
> that will go through each of the recipients and check these three things in the
>
>
> acl_check_data routine.
>
> I'm quite lost with trying to figure out some kind of solution for this. The
> Exim config file isn't like scripting PHP or anything like that :)
>
> Thank you for any advice!


In your DATA acl, you can either accept for all recipients, or reject
for all recipients. You can't accept/reject on a per recipient basis.
This is a very common problem, and is a limitation of SMTP it's self
rather than any sort of limitation in Exim.

The simplest method is to just only allow emails to have one recipient,
by defering subsequent recipients in the rcpt acl. Then use $recipients
in the DATA acl. I believe there might be cases were broken mail servers
don't like this behaviour though.

If you're going to allow multiple recipients, there are two possibilities:

1.) All recipients have the same spam filtering requirements
2.) Some of the recipients have differing filtering requirements

If (1) happens, then you just store this information in the rcpt acl,
and then re-use it in the data acl. If (2) happens, you have to decide
how you're going to treat that case and then use that information in the
data acl.

There's another option but it's not great. If 1 or more of the
recipients don't want spam filtering, but 1 or more do. Then do the spam
filtering, but don't reject in the DATA acl. Just record whether or not
the message is spam. Then in the routers, check if the message was
marked as spam, and if so, let it through for the non-spam-filtering
users, and blackhole or bounce it for the rest. Bouncing will get you
added to blacklists for generating backscatter. Blackholing is bad
behaviour because neither the sender nor the recipient is informed of
the message delivery failure.

It's not simple.

-- 
Mike Cardwell - Perl/Java/Web developer, Linux admin, Email admin
Read my tech Blog -              https://secure.grepular.com/
Follow me on Twitter -          http://twitter.com/mickeyc
Hire me - http://cardwellit.com/ http://uk.linkedin.com/in/mikecardwell


--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/