I would personally use the "Keywords:" header instead:
warn
condition = ${if
forany{${listnamed_d:trusted_domains}}{match{$sender_address_domain}{\\.$item\$}}{yes}{${if
forany{${listnamed_d:trusted_domains}}{eq{$sender_address_domain}{$item}}{yes}{no}}}}
set acl_m3 = =E2=9C=94=EF=B8=8F Betrodd dom=C3=A4n
set acl_m4 = dnswl_whitelisted
set acl_m5 = pass
set acl_m6 = 1
warn
condition = ${if
forany{${listnamed_d:trusted_domains}}{match{$sender_address_domain}{\\.$item\$}}{no}{${if
forany{${listnamed_d:trusted_domains}}{eq{$sender_address_domain}{$item}}{no}{yes}}}}
set acl_m3 = =E2=9E=96 Ok=C3=A4nd dom=C3=A4n
set acl_m5 = fail
warn
condition = ${if
forany{${listnamed_d:suspicious_domains}}{match{$sender_address_domain}{\\.$item\$}}{yes}{${if
forany{${listnamed_d:suspicious_domains}}{eq{$sender_address_domain}{$item}}{yes}{no}}}}
condition = ${if eq{$acl_m5}{fail}{yes}{no}}
set acl_m3 = =E2=9D=8C Misst=C3=A4nkt skadlig dom=C3=A4n
set acl_m5 = suspicious
deny
message = 5.7.23 SPF fail (phishing) -
(${sg{${sg{$spf_smtp_comment}{http\:\/\/www\.open-spf\.org\/Why}{https:\/\/www.sebbe.eu\/spf.cgi}}}
{&receiver=sebbe\.eu}{}})
log_message = SPF check failed: ($spf_header_comment)
spf = fail : softfail
warn
set acl_m1 = 4
warn
spf = pass
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 3
set acl_m2 = =E2=9C=94=EF=B8=8F SPF-signaturen =C3=A4r giltig
warn
spf = none : neutral
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 2
set acl_m2 = =E2=9E=96 SPF-signatur saknas
warn
spf = permerror : temperror
log_message = SPF failure: $spf_header_comment
add_header = X-SPF-Signature: $spf_result ($spf_header_comment)
set acl_m1 = 1
set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
warn
condition = ${if eq{$acl_m1}{4}{yes}{no}}
add_header = X-SPF-Signature: permerror (No SPF lookup was made due to technical error)
set acl_m1 = 1
set acl_m2 = =E2=9A=A0=EF=B8=8F Trasig SPF-signatur
accept
acl_check_dkim:
accept
dkim_status = fail
add_header = X-DKIM-Signature: fail (address=$sender_address domain=$dkim_cur_signer -
signature is bad)
add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9D=8C F=C3=B6rfalskad
DKIM-signatur,$acl_m3?=
add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{1}}
add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}
accept
dkim_status = invalid
add_header = X-DKIM-Signature: invalid ($dkim_verify_status - $dkim_verify_reason)
add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9A=A0=EF=B8=8F Trasig
DKIM-signatur,$acl_m3?=
add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{5}}
add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}
accept
dkim_status = pass
add_header = X-DKIM-Signature: pass (address=$sender_address domain=$dkim_cur_signer -
signature is good)
add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9C=94=EF=B8=8F DKIM-signaturen =C3=A4r
giltig,$acl_m3?=
add_header = X-Priority: 3
add_header = X-Status: ${if eq {$acl_m6}{1}{F}{}}
accept
dkim_status = none
add_header = X-DKIM-Signature: none (address=$sender_address domain=$dkim_cur_signer -
no signature found)
add_header = Keywords: =?UTF-8?Q?$acl_m2,=E2=9E=96 DKIM-signatur saknas,$acl_m3?=
add_header = X-Priority: ${if eq {$acl_m1}{3}{3}{${if eq {$acl_m1}{2}{1}{5}}}}
add_header = X-Status: ${if eq {$acl_m6}{1}{${if eq {$acl_m1}{3}{F}{}}}{}}
Gives a nice status indicator in Microsoft Outlook (you have to assign the colors manually, tough),
while the X-Priority header will add a (!) for fraudulent email, and a (DOWNARROW) for when there
is some technical problem, for email clients not supporting the Keywords: header.
And also automatically star's the email with a star when all validations succeed, for the same
reason - email clients with no support for Keywords: header.
-----Ursprungligt meddelande-----
Från: Jasen Betts via Exim-users <exim-users@???>
Skickat: den 1 september 2021 04:09
Till: exim-users@???
Ämne: Re: [exim] Subject rewriting
On 2021-08-26, nb via Exim-users <exim-users@???> wrote:
> Hi,
>
> I need to change the subject when the message is considered as spam,
> *and* when there is an SPF problem.
>
> I use the following method:
>
> 1 - for SPF:
> # remove old subject
> remove_header=Subject
> # create a new subject
> add_header = Subject: *** SPF Error *** $rh_Subject:
>
> 2 - for SPAM:
> # remove old subject
> remove_header=Subject
> # create a new subject
> add_header = Subject: ***SPAM (score: $spam_score)*** $rh_Subject:
>
> It works fine when either of these two cases occur.
> But when both occur at the same time, I don't get the expected result.
> In this case, I get two "Subject" headers.
One way would be to build up the prefix in an ACL variable.
# 1 - for SPF:
# add this to subject
set acl_m_subj_prefix = $acl_m_subj_prefix *** SPF Error ***
# 2 - for SPAM:
# add this to subject
set acl_m_subj_prefix = $acl_m_subj_prefix ***SPAM (score: $spam_score)***
warn
condition = ${if!eq{}{$acl_m_subj_prefix}}
logwrite = subject rewritten
# remove old subject
remove_header=Subject
# create a new subject
add_header = Subject: $acl_m_subj_prefix $h_Subject:
# discard the variable
set acl_m_subj_prefix =
> Furthermore, would it be better to use $h_header?
If your exim configuration supports UTF-8, then yes.
(headers_charset setting in main configurarion)
--
Jasen.
--
## List details at
https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
