Re: [exim] Subject rewriting

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Sebastian
Ημερομηνία:  
Προς: 'Mailing List'
Αντικείμενο: Re: [exim] Subject rewriting
I would personally use the "Keywords:" header instead:

  warn
    condition = ${if
forany{${listnamed_d:trusted_domains}}{match{$sender_address_domain}{\\.$item\$}}{yes}{${if
forany{${listnamed_d:trusted_domains}}{eq{$sender_address_domain}{$item}}{yes}{no}}}}
    set acl_m3 = =E2=9C=94=EF=B8=8F Betrodd dom=C3=A4n
    set acl_m4 = dnswl_whitelisted
    set acl_m5 = pass
    set acl_m6 = 1
  warn
    condition = ${if
forany{${listnamed_d:trusted_domains}}{match{$sender_address_domain}{\\.$item\$}}{no}{${if
forany{${listnamed_d:trusted_domains}}{eq{$sender_address_domain}{$item}}{no}{yes}}}}
    set acl_m3 = =E2=9E=96 Ok=C3=A4nd dom=C3=A4n
    set acl_m5 = fail
  warn
    condition = ${if
forany{${listnamed_d:suspicious_domains}}{match{$sender_address_domain}{\\.$item\$}}{yes}{${if
forany{${listnamed_d:suspicious_domains}}{eq{$sender_address_domain}{$item}}{yes}{no}}}}
    condition = ${if eq{$acl_m5}{fail}{yes}{no}}
    set acl_m3 = =E2=9D=8C Misst=C3=A4nkt skadlig dom=C3=A4n
    set acl_m5 = suspicious


  deny
    message = 5.7.23 SPF fail (phishing) -
(${sg{${sg{$spf_smtp_comment}{http\:\/\/www\.open-spf\.org\/Why}{https:\/\/www.sebbe.eu\/spf.cgi}}}
{&receiver=sebbe\.eu}{}})
    log_message = SPF check failed: ($spf_header_comment)
    spf = fail : softfail
  warn
    set acl_m1 = 4
  warn
    spf = pass
    add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
    set acl_m1 = 3
    set acl_m2 = =E2=9C=94=EF=B8=8F SPF-signaturen =C3=A4r giltig
  warn
    spf = none : neutral
    add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
    set acl_m1 = 2
    set acl_m2 = =E2=9E=96 SPF-signatur saknas
  warn
    spf = permerror : temperror
    log_message = SPF failure: $spf_header_comment
    add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
    set acl_m1 = 1
    set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
   warn
    condition =  ${if eq{$acl_m1}{4}{yes}{no}}
    add_header = X-SPF-Signature: permerror (No SPF lookup was made due to technical error)
    set acl_m1 = 1
    set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
  accept



acl_check_dkim:
      accept
           dkim_status = fail
           add_header = X-DKIM-Signature: fail (address=$sender_address domain=$dkim_cur_signer -
signature is bad)
           add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9D=8C F=C3=B6rfalskad
DKIM-signatur,$acl_m3?=
           add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{1}}
           add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}
      accept
           dkim_status = invalid
           add_header = X-DKIM-Signature: invalid ($dkim_verify_status - $dkim_verify_reason)
           add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9A=A0=EF=B8=8F Trasig
DKIM-signatur,$acl_m3?=
           add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{5}}
           add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}
      accept
           dkim_status = pass
           add_header = X-DKIM-Signature: pass (address=$sender_address domain=$dkim_cur_signer -
signature is good)
           add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9C=94=EF=B8=8F DKIM-signaturen =C3=A4r
giltig,$acl_m3?=
           add_header = X-Priority: 3
           add_header = X-Status: ${if eq {$acl_m6}{1}{F}{}}
      accept
           dkim_status = none
           add_header = X-DKIM-Signature: none (address=$sender_address domain=$dkim_cur_signer -
no signature found)
           add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9E=96 DKIM-signatur saknas,$acl_m3?=
           add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{${if eq {$acl_m1}{2}{1}{5}}}}
           add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}


Gives a nice status indicator in Microsoft Outlook (you have to assign the colors manually, tough),
while the X-Priority header will add a (!) for fraudulent email, and a (DOWNARROW) for when there
is some technical problem, for email clients not supporting the Keywords: header.

And also automatically star's the email with a star when all validations succeed, for the same
reason - email clients with no support for Keywords: header.

-----Ursprungligt meddelande-----
Från: Jasen Betts via Exim-users <exim-users@???>
Skickat: den 1 september 2021 04:09
Till: exim-users@???
Ämne: Re: [exim] Subject rewriting

On 2021-08-26, nb via Exim-users <exim-users@???> wrote:
> Hi,
>
> I need to change the subject when the message is considered as spam,
> *and* when there is an SPF problem.
>
> I use the following method:
>
> 1 - for SPF:
>      # remove old subject
>      remove_header=Subject
>      # create a new subject
>      add_header = Subject: *** SPF Error *** $rh_Subject:

>
> 2 - for SPAM:
>      # remove old subject
>      remove_header=Subject
>      # create a new subject
>      add_header = Subject: ***SPAM (score: $spam_score)*** $rh_Subject:

>
> It works fine when either of these two cases occur.
> But when both occur at the same time, I don't get the expected result.
> In this case, I get two "Subject" headers.


One way would be to build up the prefix in an ACL variable.

# 1 - for SPF:
      # add this to subject
      set acl_m_subj_prefix = $acl_m_subj_prefix *** SPF Error *** 


# 2 - for SPAM:
      # add this to subject
      set acl_m_subj_prefix = $acl_m_subj_prefix ***SPAM (score: $spam_score)*** 



      warn
        condition = ${if!eq{}{$acl_m_subj_prefix}}
        logwrite = subject rewritten
        # remove old subject
        remove_header=Subject
        # create a new subject
        add_header = Subject: $acl_m_subj_prefix $h_Subject:
    # discard the variable
    set acl_m_subj_prefix =


> Furthermore, would it be better to use $h_header?


If your exim configuration supports UTF-8, then yes.
(headers_charset setting in main configurarion)

--
Jasen.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/