Re: [exim] Some problems

Top Page
Delete this message
Reply to this message
Author: Dominic Benson
Date:  
To: exim-users
Subject: Re: [exim] Some problems
On 21/03/11 16:10, The Doctor wrote:


<Copying the actual question to the top, so it is visible, and the
comments make sense>
> How do I tell exim anything ***authenticated*** on 465/587
> should not be subjugated to anti-viral / anti-spam tests?
>>> ----------------------- ns2 config file -----------------
>>>
>>>

<snip some definitions and acl stuff>
>>>    accept  authenticated = *
>>>            control       = submission
>>>            control       = dkim_disable_verify

Add a set acl_m_authenticated = 1 to this


< snip rest of the rcpt acl>
>>> acl_check_data:
>>>
>>>    accept authenticated = *

>>>
>>>     deny    malware    = *
>>>             message    = This message contains a virus ($malware_name).
>>>    #
>>>     warn    spam       = nobody
>>>             add_header = X-Spam_score: $spam_score\n\
>>>                          X-Spam_score_int: $spam_score_int\n\
>>>                          X-Spam_bar: $spam_bar\n\
>>>                          X-Spam_report: $spam_report

Given that you use Amavis, you *probably* don't want this section at
all. Otherwise normal (unauthenticated) messages are scanned for
spam/virus twice.

>>>    # Accept the message.
>>>    accept
>>> begin routers

>>>

<snip some routers>
>>> amavis:
>>>    driver = manualroute
>>>    # Do NOT run if received via 10025/tcp or if already spam-scanned
>>>    # or if bounce message ($sender_address="")
>>>    condition = "${if or {{eq {$interface_port}{10025}} \
>>>        {eq {$received_protocol}{spam-scanned}} \
>>>        {eq {$sender_address}{}} \
>>>        }{0}{1}}"

add an {eq {$acl_m_authenticated}{1}} to the 'or' list. That would stop
authenticated messages from being passed to Amavis.

>>>    transport = amavis
>>>    route_list = "* localhost byname"
>>>    self = send


<snip rest of conf>
>>>
>>> I wish to add that if an e-mail is done via port 465 then do not subject
>>> it to anti-viral tests.
>
> Again, the above is working nicely wqith the exception of an e-mail getting
> identified as a potentinal virus.
>
> How do I tell exim anything ***authenticated*** on 465/587
> should not be subjugated to anti-viral / anti-spam tests?
>


See the above comments: basically, you need to stop authenticated mail
from being passed to Amavis if you don't want to scan it.
Also, as mentioned above, you should decide whether to scan from Exim or
Amavis. Doing both is unlikely to be a good idea!