> On Mon, May 26, 2014 at 7:49 AM, <thunder@???> wrote:
> >>> I am trying to use Amavis and Exim together. For the most part it is all
> >>> working fine, except I have an issue that I cannot use the "policy bank"
> >>> functionality of Amavis due to Exim apparently not supporting the
> >>> XFORWARD extension in its SMTP transport, this is covered in:
> > Amavis is quite a popular choice for mail filtering, for obvious reasons.
> > This is a bit of a let down for anyone wanting to use Amavis with exim.
> > Surely
> > I'm not the only person to hit this road block. Is there any workaround?
>
> Does Amavis support Proxy Protocol? If yes, then the next release
> will have Proxy Protocol as a supported method of passing remote
> information like this.
As far as I understand, the OP was talking about Amavis sitting "behind"
the Exim box.
The proxy support in Exim seems to implement the side "behind" the proxy
(do we call it client or server? From SMTP point of view, Exim is the
server, but the HAProxy in front of Exim is a server too…)
For what I understand about XFORWARD, it was designed to circumvent
logging confusion in "MTA1 - content filter - MTA2" setups.
Now it looks as if XFORWARD may be "abused" to give some additional
pieces of information to the content filter, for policy decisions.
In Exim such policy decisions are mostly encoded in the ACL, without
external help.
I'd say it's possible with some simple configuration "tricks" to
interface some Exim ACL with Amavis as "policy bank", if necessary at
all.
Additional thought: some interface to Amavis, the get the message
evaluated, as we do already with Spamassassin.
acl_check_data:
deny amavis = *
message = sorry, amavis told us $amavis_output
This would avoid the MTA1-Amavis-MTA2 setup while getting most
of Amavis' features.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
