Markus Kadelke wrote:
Dear all,
SNIP
Are you sure they are authenticated against exim, not just on your webmail? Could you show us logs of the authentication?1. Mails get checked even in a session where the user authenticated itself.
I fail to see why you are still using amavisd. If you use amavisd, you have to accept mails to deliver them to amavis, so mails will not be rejected but bounced to the probably faked sender, thus creating collateral spam.2. Mails with >30K are being checked.3. In case Mails are over threshold they are beeing checked twice (Headers are added twice). 4. I keep receiving Mails that are correctly tagged as [*SPAM*] in the subject and exceed spam_score_int by far, e.g. with a score of 210. But they are not rejected but delivered to my local inbox. Most of the SPAM mails are correctly rejected. I have no idea why. Sample header of a mail that should have been rejected:
Simple ACL rules should permit you to check for spam and deny it at SMTP time without the overhead of amavis.
like this for example:
#put Headers
warn
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
spam = nobody:true
add_header = X-Spam-Score: $spam_score ($spam_bar)
log_message = Spam-score: $spam_score
#put even more Headers
warn
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
spam = nobody:true
add_header = X-Spam-Report: $spam_report
#Deny spam
drop
!hosts = +relay_from_hosts
condition = ${if <={$message_size}{256k}{1}{0}}
message = Message rejected due to spam score:
$spam_score\n$spam_report
log_message = $sender_host_address (for $acl_m3) has spam
score: $spam_score
spam = nobody:true
condition = ${if >{$spam_score_int}{70}{1}{0}}
delay = 60s
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
