On Wed, 2010-06-02 at 12:58 +0100, [email protected] wrote: > I changed the value of spam-scanned to spam-scannedukgsa and within a > few minutes a spam mail arrived with "P=spam-scannedukgsa" (this is in > the logs). I wonder how they do that, it must be an exploit of some > time.
Er... your pipe transport sets the protocol as follows: command = "/usr/local/sbin/exim -oMr spam-scanned -bS" Presumably you changed that to "spam-scannedukgsa". Exim hands off the message to spamc via its own pipe transport which reinjects the message (if not filtered) using the pseudo-protocol you define in the -oMr section. > Anyway, if theres no easy way to sort this then it may require a total > reconfiguration of spam handling in the config as suggested :( Yes, you should drop the router/transport style spam scanning as it does not permit you to reject at SMTP time. Do it in an ACL instead. Graeme -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
