Re: [exim] Local / Non SMTP Connections Bypassing ACLs

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Brian Spraker
Date:  
À: exim-users
Sujet: Re: [exim] Local / Non SMTP Connections Bypassing ACLs


    On Thursday, March 1, 2018, 3:17:27 PM CST, Ian Zimmerman via Exim-users <exim-users@???> wrote:  


On 2018-03-01 19:51, Brian Spraker wrote:

>> acl_not_smtp


> I can use the typical SpamAssassin checks in here without needing exiscan?


The spec says: (Section 43.3)

The acl_not_smtp ACL is run just before the local_scan() function.

I take that to mean that you can do anything there that you can do in
acl_smtp_data, provided of course you don't refer to SMTP specific items.
Thank you Ian.  Went through and had to do quite a bit of removal of some ACLs for that to work.  the acl_not_smtp cannot check for authentication (duh..), cannot check receipients (which is odd?), and can't check for invalid local_parts (which is odd?).  Unless there is another acl_not_smtp ACL where that data needs checked.
The acl_not_smtp ACL I ended with will add a message ID (if one doesn't exist), check for mime defects, file extensions/attachments, malware, odd symbols (chinese symbols, NUL, etc), and do the SpamAssassin checking.
At the end of the day, that was the primary goal and it is all good.


--
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/