Re: [exim] Exim4 skips SpamAssassin if attachments are too b…

Top Page
Delete this message
Reply to this message
Author: Paul Lenz
Date:  
To: exim-users
New-Topics: [exim] an antivirus for zero-day :)
Subject: Re: [exim] Exim4 skips SpamAssassin if attachments are too big
Lena wrote:

> Connect with your server using SSH, give the command:
> exim -bP acl_smtp_data
> In your case it must say:
> acl_smtp_data = check_message


This is exactly the case.

> If it says something else then it's the reason why this in your config
> didn't work:


Hmm...?


> An afterthought: better with \b instead of \s


Thanks!

Anyway - is there a way to pass a test message (stored as a file on my
system) to Exim?



> > 2. I would prefer to use my director which simply moves spam detected by
> > SpamAssassin into a waste bin:
>
> Is the "waste bin" a folder you look at once a day or so?


Only from time to time. Messages from really important senders are never
deleted on my system.
I don't expect important messages from unknown senders.


> > I wrote a plugin for Spamassassin which unzips every attachement and
> > (IMHO very important) unzips every MS Office file (xlsx, xlsm, docx) and
> > looks for strings like "rundll32" or "This program cannot be run in DOS
> > mode" and some others.
>
> Good idea (about Office files). Perhaps I can replicate this
> in Exim without SpamAssassin if you send me your code or a link to it.


How can you use my code? It is written im Perl. As I understand you, you
can write only rules for Exim, but you can not write executable code,
can you?

BR
Paul