Re: [exim] exim subjecting outbound e-mail to spamd and viru…

Top Page
Delete this message
Reply to this message
Author: Dominic Benson
Date:  
To: exim-users
New-Topics: Re: [exim] exim subjecting outbound e-mail to spamd and virus
Subject: Re: [exim] exim subjecting outbound e-mail to spamd and viruschecks
On 10/08/11 02:17, Drav Sloan wrote:
> The Doctor wrote:
>>> You should probably read your acls, as I imagine one rule in there is
>>> accepting them wholesale. Exim only does what Exim is told to do.
> [snip]
>
> Have you tried exim -d -bh<ip of server>
>
> and looked at that?
>
> My money is, however, on the accept statement for relay_from_hosts, which
> then short circuits all other spam / virus checks. Also you probably
> should look at plugging the hole on your web server so the spam can not
> be injected in the first instance.
>
> D.
>

Depending on how the mail was initiated, it could be

accept hosts = :

which, IIRC, accepts mail that was not received over SMTP.

I agree with the above, though. Stopping it being input in the first
place is the real fix.
AV scanning outbound is fine/good, spam scanning is trickier:
for a start you're going to miss out on the RBL lookups, and FPs are
more troublesome.

Rate-limiting outbound mail might be a useful damage limitation step,
though.