[exim] Route each outgoing mail through script for spam dete…

Góra strony
Delete this message
Reply to this message
Autor: Brian Wiborg
Data:  
Dla: Exim-users
Temat: [exim] Route each outgoing mail through script for spam detection
Hi,

we have a perfectly working mail-cluster built with Exim. In order to
improve spam detection and prevention, we want to pipe each mail through
a script that feeds the mail's metadata into our in-house spam
detection. The basic idea is:

```
each outgoing mail -> exim -> our script -> back to exim -> proceed as usual
```

We've implemented an accept-router and a pipe-transport, which we placed
at the very top of the router and transport configuration.

The router:

```
mxguard_router:
driver = accept
condition = ${if def:header_X-MXGUARD-FROM:{false}{true}}
transport = mxguard_transport
```

The transport:

```
mxguard_transport:
driver = pipe
command = /usr/local/bin/bash /usr/local/scripts/mxguard-pipe-transport.sh
```

The script:

```
#!/usr/bin/env bash

MESSAGE="$(cat)"
MXGUARD="/usr/local/scripts/mxgctl"

export MXGUARD_AMQP_ENDPOINT="amqp://amqp.snafu.de:5672/"
echo "${MESSAGE}" | "${MXGUARD}" lmtp -i "${MESSAGE_ID}" -s "${SENDER}" -r "${RECIPIENT}"
```

The `mxguard` binary publishes the mail's metadata to the AMQP broker,
injects two headers (X-MXGUARD-FROM and X-MXGUARD-TIME) and redelivers
the mail to `127.0.0.1:25`.

What we intend and expect:

  * the mail arrives
  * exim pipes the mail to our script
  * the script calls mxguard
  * mxguard injects headers and redelivers to Exim
  * Exim now sees the headers, thus bypassing the router and doing
    business as usual


What we see instead:

* the mail arrives
* exim pipes the mail to our script
* the script calls mxguard
* mxguard injects the heads and redelivers to Exim
* Exim disregards the headers and pipes the mail back to our script
* the script calls mxguard
* mxguard redelivers to Exim
* the mail gets hung in above endless loop

The endless loop continues until we comment out the router. Once we do
that, the loop stops and Exim sends out an email in which one can
clearly see, that it was stuck in a loop. The mail header section
repeats several times (the longer you let it loop, the more) while there
is only one body at the very end.

Any idea what we doing wrong or how we can achieve the expected behavior?

With kind regards,

Brian