Re: [exim] conditions for running spam tests

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMSeth Dillingham at <-
MW B Hacker at ->
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] conditions for running spam tests
Seth Dillingham <seth.dillingham@???> (Di 02 Nov 2010 02:02:47 CET):
> I have the following in my acl_check_data:
>
>   warn    spam       = nobody
>           condition  = ${if < {$message_size}{10K}}
>           add_header = X-Spam_score: $spam_score\n\
>                        X-Spam_score_int: $spam_score_int\n\
>                        X-Spam_bar: $spam_bar\n\
>                        X-Spam_report: $spam_report
>
>   # reject spam with high scores
>   deny    message    = This message scored $spam_score points.
>           spam       = nobody:true
>           condition  = ${if < {$message_size}{10K}}
>           condition  = ${if > {$spam_score_int}{70}{1}{0}}
>


First - shouldn't be the test for the message size done befor the spam
condition? If I understand well, the conditions are evaluated in order,
thus it is scanned always, but the result is used only for messages
<10k. (BTW, 10k seems to be quite small, the headers count here too.,
may be you should use the $message_body_size, if it is available in the
data acl.)


> This is working well enough, but I'd like to skip these tests under
> certain conditions:
> 
>       * if the sender is on the localhost
>       * if the message wasn't originally sent with SMTP
>         (I have scripts on the server which send mail to me
>         by calling Exim directly)
>       * if the sender is authenticated

>

For non-SMTP the data acl is not used.
The following outline is roughly based on the rules we use.
It is something that *could* work, but it is not tested.
I like to set the reject threshold in Exim, not in SA. 

    accept  senders = localhost
    accept  authenticated = *
    accept  condition = ${if >={$message_size}{10k}}
            add_header = X-Spam-Comment: not scanned


    deny    spam = nobody:true
            condition = ${if >{$spam_score_int}{120}}


    accept  add_header = X-Spam-…\n\
            …


It get's a little bit more complicated if you want to scan for viruses
too, but want the virus scan without exceptions. Then some "sub-acl"
might help you to keep the structure clean. 


    is_trusted:
        accept  senders = localhost
        accept  senders = +relay_from_hosts
        accept  authenticated = *
        deny


    acl_check_data:


        …
        accept  acl = is_trusted
        …


    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] web ui for exim filter?Re: [exim] web ui for exim filter?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)