Am 24.02.2021 13:31, schrieb Jeremy Harris via Exim-users:
Hi again
Add debug options to your -bh repeat-by,
and follow through the flow of the ACLs.
This is very strange... I tried to add a "deny" just after the check by
Kaspersky:
warn condition = ${if def:h_X-Ciphermail {false}{true}}
condition = ${if eq {$acl_m_dontAVscan}{} {yes}{no}}
set acl_m_klms_headers =
set acl_m_klms_result =
set acl_m_klms_answer =
${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
deny senders = lucabert@???
If I try to send an E-Mail from my address, it will rejected and then...
sent to my mailbox...
Tried with exim -d+all -bh ... I see:
09:37:26 24256 ┌considering:
${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
09:37:26 24256 ┌considering:
/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
09:37:26 24256 ├──expanding: /opt/kaspersky/klms/lib64/libklms-exim.so
09:37:26 24256 └─────result: /opt/kaspersky/klms/lib64/libklms-exim.so
09:37:26 24256 ┌considering: scan}{${spool_directory}/input}}
09:37:26 24256 ├──expanding: scan
09:37:26 24256 └─────result: scan
09:37:26 24256 ┌considering: ${spool_directory}/input}}
09:37:26 24256 ├──expanding: ${spool_directory}/input
09:37:26 24256 └─────result: /var/spool/exim4/input
09:37:26 24256 ┌considering: ${sender_helo_name}
09:37:26 24256 ├──expanding: ${sender_helo_name}
09:37:26 24256 └─────result: mail.lucabert.de
09:37:26 24256 ┌considering: ${recipients}
09:37:26 24256 ├──expanding: ${recipients}
09:37:26 24256 └─────result: l.bertoncello@???
09:37:27 24256 ├──expanding:
${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
09:37:27 24256 └─────result: 250 OK
09:37:27 24256 check set acl_m_klms_answer =
${dlfunc{/opt/kaspersky/klms/lib64/libklms-exim.so}{scan}{${spool_directory}/input}}
09:37:27 24256 = 250 OK
09:37:27 24256 warn: condition test succeeded in ACL "acl_check_data"
09:37:27 24256 processing "deny"
09:37:27 24256 check senders = lucabert@???
09:37:27 24256 address match test: subject=lucabert@???
pattern=lucabert@???
09:37:27 24256 lucabert.de in "lucabert.de"? yes (matched "lucabert.de")
09:37:27 24256 lucabert@??? in "lucabert@???"? yes
(matched "lucabert@???")
09:37:27 24256 deny: condition test succeeded in ACL "acl_check_data"
09:37:27 24256 end of ACL "acl_check_data": DENY
09:37:27 24256 >>Headers added by DATA ACL:
09:37:27 24256 X-AV-scan: yes
09:37:27 24256 >>
09:37:27 24256 unspool_mbox(): unlinking
'/var/spool/exim4/scan/1lJXrk-0006JE-Qh/1lJXrk-0006JE-Qh.eml'
09:37:27 24256 unspool_mbox(): unlinking
'/var/spool/exim4/scan/1lJXrk-0006JE-Qh/1lJXrk-0006JE-Qh-00000'
09:37:27 24256 unspool_mbox(): unlinking
'/var/spool/exim4/scan/1lJXrk-0006JE-Qh/1lJXrk-0006JE-Qh-00002'
09:37:27 24256 unspool_mbox(): unlinking
'/var/spool/exim4/scan/1lJXrk-0006JE-Qh/1lJXrk-0006JE-Qh-00001'
09:37:27 24256 SMTP>> 550 Administrative prohibition
550 Administrative prohibition
09:37:27 24256 LOG: MAIN REJECT
09:37:27 24256 H=(mail.lucabert.de) [185.242.112.224]
F=<lucabert@???> rejected after DATA
09:37:27 24256 smtp_setup_msg entered
quit
09:37:30 24256 SMTP<< quit
09:37:30 24256 SMTP>> 221 mail.queo-group.com closing connection
221 mail.queo-group.com closing connection
09:37:30 24256 LOG: smtp_connection MAIN
09:37:30 24256 SMTP connection from (mail.lucabert.de)
[185.242.112.224] closed by QUIT
09:37:30 24256 search_tidyup called
09:37:30 24256 >>>>>>>>>>>>>>>> Exim pid=24256 (main) terminating with
rc=0 >>>>>>>>>>>>>>>>
The strange is, that the E-Mail just be submitted if it contains a ZIP
file as attachment. For example, an E-Mail with a PNG will not be
resubmitted...
Do someone have an idea what happens?
Thanks
Luca Bertoncello
(lucabert@???)
