Re: [exim] different acl data malware settings per recipient…

Top Page
Delete this message
Reply to this message
Author: Heiko Schlittermann
Date:  
To: exim-users
Subject: Re: [exim] different acl data malware settings per recipient domain?
maciej jackowski <maciej.jackowski@???> (So 06 Mär 2016 21:29:01 CET):
> Is it possible to run or skip malware scan
> for specific recipients domains?
>
> For example set check condition in ACL DATA via mysql lookup


Yes, if you manage to "single out" the domains or if you rely on PRDR.

(Though I'm not sure how to do it using PRDR. And I'm not sure if PRDR
is portable yet, as probably not many MTA connecting to your server
have support for PRDR).

    MAIL FROM: xxx
    < OK
    RCPT TO: xxx1
    < OK
    RCPT TO: xxx2
    < OK
    DATA
    …
    < OK -- implicit OK for all recipients



But you can do it as e.g. google does it. Reject the RCPT if it's not
the same domain as the first recipient. Then, as soon as you reach the
DATA ACL you're sure that it's one domain only and you can do/skip the
malware scan depending on the domain. The other domain(s) have
to retry.

DRAFT, not tested!

    # somewhere in your rcpt acl


    warn condition = ${if !def:acl_m_domain} 
         set acl_m_domain = $domain


    defer !domains = $acl_m_domain



    # somewhere in your data acl


        deny    !domains = lsearch;$config_dir/skip_scan
                 malware = *


DRAFT, not tested!



    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -