maciej jackowski <maciej.jackowski@???> (So 06 Mär 2016 21:29:01 CET):
> Is it possible to run or skip malware scan
> for specific recipients domains?
>
> For example set check condition in ACL DATA via mysql lookup
Yes, if you manage to "single out" the domains or if you rely on PRDR.
(Though I'm not sure how to do it using PRDR. And I'm not sure if PRDR
is portable yet, as probably not many MTA connecting to your server
have support for PRDR).
MAIL FROM: xxx
< OK
RCPT TO: xxx1
< OK
RCPT TO: xxx2
< OK
DATA
…
< OK -- implicit OK for all recipients
But you can do it as e.g. google does it. Reject the RCPT if it's not
the same domain as the first recipient. Then, as soon as you reach the
DATA ACL you're sure that it's one domain only and you can do/skip the
malware scan depending on the domain. The other domain(s) have
to retry.
DRAFT, not tested!
# somewhere in your rcpt acl
warn condition = ${if !def:acl_m_domain}
set acl_m_domain = $domain
defer !domains = $acl_m_domain
# somewhere in your data acl
deny !domains = lsearch;$config_dir/skip_scan
malware = *
DRAFT, not tested!
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -