On 10/08/11 02:17, Drav Sloan wrote:
The Doctor wrote:
You should probably read your acls, as I imagine one rule in there is
accepting them wholesale. Exim only does what Exim is told to do.
[snip]
Have you tried exim -d -bh<ip of server>
and looked at that?
My money is, however, on the accept statement for relay_from_hosts, which
then short circuits all other spam / virus checks. Also you probably
should look at plugging the hole on your web server so the spam can not
be injected in the first instance.
D.
Depending on how the mail was initiated, it could be
accept hosts = :
which, IIRC, accepts mail that was not received over SMTP.
I agree with the above, though. Stopping it being input in the first
place is the real fix.
AV scanning outbound is fine/good, spam scanning is trickier:
for a start you're going to miss out on the RBL lookups, and FPs are
more troublesome.
Rate-limiting outbound mail might be a useful damage limitation step,
though.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
