Re: [exim] Trigger a spam/malware scan within a router, out…

Pàgina inicial
Delete this message
Reply to this message
Autor: Christian Balzer
Data:  
A: exim-users
Assumpte: Re: [exim] Trigger a spam/malware scan within a router, outside the smtp_data ACL
On Wed, 30 Mar 2022 23:10:44 +0900 Christian Balzer via Exim-users wrote:

> On Wed, 30 Mar 2022 13:00:13 +0100 Jeremy Harris via Exim-users wrote:
>
> > On 30/03/2022 08:44, Christian Balzer via Exim-users wrote:  
> > > Can the not_smtp ACL be abused for that with a pipe transport or similar?    

> >
> > Possibly, but rather unclean.
> >
> > Slightly less so would be using a ${acl (my_scanner_acl}} from a suitable option
> > on the router, to call a custom (neither smtp or non-smtp) ACL.
> >
> Thanks, at least I was on a semi-correct track.
> Will look into this (had no idea custom ACLs and calling them from a
> router was a thing) and hopefully figure it out.
>


Unfortunately that does not seem to work.

Take this simplistic custom ACL (which I can successfully call from a
router):
---
acl_rescan:

  accept
        malware = */defer_ok
        set acl_m_vfound = 1
---


This bombs out (using -d -bv) with:
---
LOG: MAIN PANIC
Failed to expand user string "${acl {acl_rescan}}" for the rescan_spam router: ERROR from acl "acl_rescan"
---

Ignore the user part, that's just a quick and dirty approach to see if a
value is returned.

It seems that the scanners are not available inside the custom ACL,
because if one comments out the malware line it works and returns an empty
string to the calling router:
---
LOG: MAIN PANIC
Failed to find user "" from expanded string "${acl {acl_rescan}}" for the rescan_spam router
---

Any suggestions, blatant oversights on my end?

Regards,

Christian
-- 
Christian Balzer        Network/Systems Engineer                
chibi@???       Rakuten Communications