Hello, OK, can we assume that i am not going to change to this "exiscan" thing, and that i am going to continue to use routers and transports.
I have a problem, as documented in the first email (copied below), which needs fixing, and i was wondering if anyone had any advice that doesn't involve scrapping the router/transport solution. After all, routers and transports has been working perfectly for us for months, but ever since upgrading, it's stopped working on 50% of the email! Thanks in advance, and here's my first email... Yesterday, i upgraded SpamAssassin from "3.0.3-2sarge1" to "3.1.7-1~bpo.1" on a Debian Sarge box, using the following repository: ============================================================ deb http://www.backports.org/debian sarge-backports main contrib non-free ============================================================ However, since the upgrade, around 50% of the messages have been bouncing with the following message: ============================================================ 421 SMTP incoming data timeout - message abandoned ============================================================ Having investigated a little further, we are seeing lots of messages like these: ============================================================ mail:/var/log/exim4# grep BSMTP /var/log/exim4/mainlog.1 2007-02-27 17:10:34 1HM5le-0008Sj-5j <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 17:23:09 1HM5xn-00009Z-Cn <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 17:33:14 1HM67a-0000GO-BB <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 17:51:29 1HM6PC-0000UI-Kl <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:02:01 1HM6ZN-0000aK-JK <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:14:39 1HM6lf-0000hq-4x <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:31:31 1HM71z-0000rC-Qm <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:42:12 1HM7CJ-0000xC-Ss <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:42:14 1HM7CM-0000xN-HD <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. 2007-02-27 18:42:19 1HM7CR-0000xX-4h <[EMAIL PROTECTED]>: sa_spamcheck transport output: An error was detected while processing a file of BSMTP input. ============================================================ Do you know what is happening here? Do i need to adjust some config due to the upgrade? My current exim config (which worked fine with "3.0.3-2sarge1") is as follows: Router: ============================================================ sa_router: no_verify check_local_user # When to scan a message : # - it isn't already flagged as spam from Spamassassin # - it isn't already scanned # - it isn't local # - it isn't from one internal domain user to another condition = "${if and { \ {!eq {$received_protocol}{spam-scanned}} \ {!eq {$received_protocol}{local}} \ {!eq {$sender_address_domain}{$domain}} \ } \ {1}{0}}" driver = accept transport = sa_spamcheck local_parts = /etc/spamassassinUsers ============================================================ Transport: ============================================================ sa_spamcheck: driver = pipe command = /usr/sbin/exim4 -oMr spam-scanned -bS use_bsmtp = true transport_filter = /usr/bin/spamc home_directory = "/tmp" current_directory = "/tmp" user = spamcheck group = spamcheck log_output = true return_fail_output = true return_path_add = false message_prefix = message_suffix = ============================================================ Thanks in advance for any advice, Richard. Arthur Hagen wrote: > On Wed, 2007-02-28 at 20:15 +0100, Renaud Allard wrote: >> For the moment, you are using routers and transports to scan for spam. >> This means you cannot deny mails at SMTP time. It is much better to use >> the built in spam and antivirus scan functions. > > The problem with not using routers at all is that different recipients > have different definitions of spam, and it seems quite tough to set up > something that allows for scanning at SMTP time, while still allowing > individual users' whitelists and special considerations. > > The best I've come up with is far from perfect: > > ... > acl_smtp-rcpt = acl_check_rcpt > acl_smtp_data = acl_check_data > spamd_address = 127.0.0.1 783 > ... > begin acl > acl_check_rcpt: > ... > accept domains = +local_domains > endpass > verify = recipient > # Allow for user-anything@ addresses > set acl_m0 = ${sg{$local_part}{-.*}{}} > set acl_m0 = ${lookup{$acl_m0}dbm{/etc/aliases.db}} > set acl_m0 = ${if eq {}{$acl_m0}{nobody}{$acl_m0}} > > accept domains = +relay_to_domains > endpass > verify = recipient > set acl_m0 = nobody > ... > acl_check_data: > ... > # Reject spam messages with score over 15 > deny message = Spam is not wanted here > spam = $acl_m0:true > condition = ${if >{$spam_score_int}{150}{1}{0}} > > warn spam = $acl_m0 > message = X-Spam-Flag: YES\n\ > X-Spam-Score: $spam_score ($spam_bar)\n\ > X-Spam-Report: $spam_report\n\ > X-Spam-Scanned-By: $acl_m0 > ... > (router section) > dnslookup: > driver = dnslookup > domains = ! +local_domains > transport = remote_smtp > ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 > headers_remove = > X-Spam-Status:X-Spam-Flag:X-Spam-Score:X-Spam-Report:X-Spam-Scanned-By:X-Is-A-Bounce > no_more > > > The idea is that local incoming mail gets scanned by the recipient, > while relayed mail or mail where the recipient can't be determined gets > scanned by the "nobody" user. > This is far from perfect, as it will not handle aliases pointing to > other aliases. The main problem is that when there /is/ a local > recipient, but the above acl_m0 rules fail to determine it, the uid will > be incorrect, and spamassassin fails to access the user's rules: > > Feb 27 23:55:11 myhost spamd[2382]: auto-whitelist: open of > auto-whitelist file failed: locker: safe_lock: cannot create tmp > lockfile > /home/username/.spamassassin/auto-whitelist.lock.myhost.mydomain.com.2382 for > /home/username/.spamassassin/auto-whitelist.lock: Permission denied > > Anyone know how to fix this, or better yet, have an alternative approach > that does allow for per-user scanning before the mail is accepted? > > I already know that there is a logistical problem when there's more than > one local recipient. It would be acceptable, but far from perfect, to > have that kind of email scanned by just one of the users (as is what > happens with the above) or "nobody". > > Regards, -- Richard Hobbs (Systems Administrator) Toshiba Research Europe Ltd. - Speech Technology Group Email: [EMAIL PROTECTED] Web: http://www.toshiba-europe.com/research/ Tel: +44 1223 376964 Mobile: +44 7811 803377 -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
