W dniu 06.03.2016 o 22:47, Heiko Schlittermann pisze:
maciej jackowski <[email protected]> (So 06 Mär 2016 21:29:01
CET):
Is it possible to run or skip malware scan
for specific recipients domains?
For example set check condition in ACL DATA via mysql lookup
Yes, if you manage to "single out" the domains or if you rely on PRDR.
(Though I'm not sure how to do it using PRDR. And I'm not sure if PRDR
is portable yet, as probably not many MTA connecting to your server
have support for PRDR).
MAIL FROM: xxx
< OK
RCPT TO: xxx1
< OK
RCPT TO: xxx2
< OK
DATA
…
< OK -- implicit OK for all recipients
But you can do it as e.g. google does it. Reject the RCPT if it's not
the same domain as the first recipient. Then, as soon as you reach the
DATA ACL you're sure that it's one domain only and you can do/skip the
malware scan depending on the domain. The other domain(s) have
to retry.
DRAFT, not tested!
# somewhere in your rcpt acl
warn condition = ${if !def:acl_m_domain}
set acl_m_domain = $domain
defer !domains = $acl_m_domain
# somewhere in your data acl
deny !domains = lsearch;$config_dir/skip_scan
malware = *
DRAFT, not tested!
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
Thanks for your suggestions
From what I read PRDR could be the right solution but it is not used
widely :(
I wonder how can I test ACL DATA from command line ?
I think about test your DRAFT code with domains test list
defer domains = testdomain : testdomain2
!domains = $acl_m_domain
so i can see how it works with real data
Is it safe condition for testing?
I assume this code should go to the top of RCPT ACL ?
right after
accept authenticated rule
regards
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
