jean-paul natola wrote:
> Hi everyone,
>
> I *thought* I had succeeded in implementing an ACL that would tell EXIM not
> to scan messages over 1 MB-
>
> I followed the feedback I got here , and applied this to my configure
>
> in the MAIN section I added
>
> SCAN_MAX = 1M
>
>
> and then in the ACL CONFIGURATION section I added this
>
> warn condition = ${if >{$message_size}{SCAN_MAX} {true}}message =
> X-Oversize: Message too large to scan.log_message = D18S3 Passed unscanned -
> exceeds SCAN_MAXset acl_m19 = 1
>
> Now I sent myself a message from outside that was over 1 meg and here are
> the headers;
>
> IF it indeed was to too large to scan - then I should not have had any score
> correct?
>
>
> X-Oversize: Message too large to scan.X-Spam-Score: -95.1
> (---------------------------------------------------)X-Spam-Report: Spam
> detection software, running on the system "milter.fci", has identified this
> incoming email as possible spam. The original message has been attached to
> this so you can view it (if it isn't spam) or label similar future email. If
> you have any questions, see The administrator of that system for details.
> Content preview: Download Messenger. Start an i’m conversation. Support a
> cause. Join now. http://im.live.com/messenger/im/home/?source=TAGWL_MAY07
> Download Messenger. Start an i’m conversation. Support a cause. Join Now!
> [...] Content analysis details: (-95.1 points, 5.0 required) pts rule name
> description ---- ----------------------
> -------------------------------------------------- -100 USER_IN_WHITELIST
> From: address is in the user's white-list 2.3 FORGED_HOTMAIL_RCVD Forged
> hotmail.com 'Received:' header found 0.0 HTML_MESSAGE BODY: HTML
> included in message -1.1 BAYES_05 BODY: Bayesian spam
> probability is 1 to 5% [score: 0..0401] 0.2 MIME_BASE64_NO_NAME RAW:
> base64 attachment does not have a file name 0.5 RAZOR2_CHECK Listed
> in Razor2 (http://razor.sf.net/) 0.2 DNS_FROM_RFC_ABUSE RBL: Envelope
> sender in abuse.rfc-ignorant.org 1..7 DNS_FROM_RFC_POST RBL: Envelope
> sender in postmaster.rfc-ignorant.org 1.8 MISSING_SUBJECT Missing
> Subject: header -0.7 AWL AWL: From: address is in the auto
> whit
> _________________________________________________________________
> Create the ultimate e-mail address book. Import your contacts to Windows Live
> Hotmail.
> www.windowslive-hotmail.com/learnmore/managemail2.html?locale=en-us&ocid=TXT_TAGLM_HMWL_reten_impcont_0507
>
That ACL just sets some headers and then continues on. You need to tell
the ACL to accept so it will not process any more ACLs. For example, I
have a line like this right before my spamd ACL:
accept
condition = ${if >{$message_size}{1M}{true}{false}}
Or you could do it as a condition in an ACL itself. For example, I have
this line in my malware ACL:
discard
condition = ${if <{$message_size}{1m}{true}{false}}
malware = */defer_ok
log_message = VIRUS ($malware_name)
Hope that helps,
mikeS
--
Michael F. Sprague | [EMAIL PROTECTED]
http://www.saneinc.net | Provider of SpamOnion anti-spam service
System and Network Engineering (SaNE), Inc
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
