Hello,
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Nigel Wade
> Sent: 20 July 2005 17:25
> To: [email protected]
> Subject: Re: [exim] Per-User SpamAssassin config
>
> Richard Hobbs wrote:
> > Hello,
> >
> > I have found our latest problem - we have a mail loop!
> Here's the command
> > used to send the mail back to exim once it's been checked (I think):
> >
> > /usr/sbin/exim4 -oMr spam-scanned -bS
> >
> > And here are the router and transport in full, which I am using:
> >
> > THE ROUTER:
> > # spamassassin stuff
> > sa_router:
> > no_verify
> > check_local_user
> > # When to scan a message :
> > # - it isn't already flagged as spam from Spamassassin
> > # - it isn't already scanned
> > # - it isn't local
> > # - it isn't from one internal domain user to another
> > condition = "${if and { \
> > {!def:h_X-Spam-Flag:} \
> > {!eq {$received_protocol}{spam-scanned}} \
> > {!eq {$received_protocol}{local}} \
> > {!eq {$sender_address_domain}{$domain}} \
> > } \
> > {1}{0}}"
> > driver = accept
> > transport = sa_spamcheck
> > local_parts = /etc/spamassassinUsers
> > # end of spamassassin stuff
> >
> > THE TRANSPORT:
> > # spamassassin stuff
> > sa_spamcheck:
> > driver = pipe
> > command = /usr/sbin/exim4 -oMr spam-scanned -bS
> > use_bsmtp = true
> > transport_filter = /usr/bin/spamc
> > home_directory = "/tmp"
> > current_directory = "/tmp"
> > user = spamcheck
> > group = spamcheck
> > log_output = true
> > return_fail_output = true
> > return_path_add = false
> > message_prefix =
> > message_suffix =
> > # end of spamassassin stuff
> >
> > Also, we are using exim-daemon-light as our MTA.
> >
> > Any ideas??
> >
> > Thanks in advance,
> > Richard.
> >
>
> Is "spamcheck" a trusted user? If not it won't be able to set
> the protocol
> on the exim command.
Trusted in what sense, exactly? The user is a system user with a home
directory, but a user with no shell (in /etc/passwd) and no password (in
/etc/shadow).
> Also, I would not skip checking if the X-Spam-Flag header is
> present. That
> means all the spammer has to do is insert this header and
> your spam checking
> will be bypassed completely.
Good point, I have revised the condition in the router, so it is now:
# condition = "${if and { \
# {!eq {$received_protocol}{spam-scanned}} \
# {!eq {$received_protocol}{local}} \
# {!eq {$sender_address_domain}{$domain}} \
# } \
# {1}{0}}"
Thinking about it... Is the condition above valid? Will it actually
successfully detect mail passed back into exim using the following command:
/usr/sbin/exim4 -oMr spam-scanned -bS
Thanks,
Richard.
--
Richard Hobbs (Systems Administrator)
Toshiba Research Europe Ltd. - Speech Technology Group
Web: http://www.toshiba-europe.com/research/
Email: [EMAIL PROTECTED]
Tel: +44 1223 376964 Mobile: +44 7811 803377
_____________________________________________________________________
This e-mail has been scanned for viruses by MCI's Internet Managed Scanning
Services - powered by MessageLabs. For further information visit
http://www.mci.com
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
