Re: [exim] conditions for running spam tests

Tue, 02 Nov 2010 03:20:25 -0700 

Seth Dillingham <seth.dilling...@gmail.com> (Di 02 Nov 2010 02:02:47 CET):
> I have the following in my acl_check_data:
> 
>   warn    spam       = nobody
>           condition  = ${if < {$message_size}{10K}}
>           add_header = X-Spam_score: $spam_score\n\
>                        X-Spam_score_int: $spam_score_int\n\
>                        X-Spam_bar: $spam_bar\n\
>                        X-Spam_report: $spam_report
> 
>   # reject spam with high scores
>   deny    message    = This message scored $spam_score points.
>           spam       = nobody:true
>           condition  = ${if < {$message_size}{10K}}
>           condition  = ${if > {$spam_score_int}{70}{1}{0}}
> 


First - shouldn't be the test for the message size done befor the spam
condition? If I understand well, the conditions are evaluated in order,
thus it is scanned always, but the result is used only for messages
<10k. (BTW, 10k seems to be quite small, the headers count here too., 
may be you should use the $message_body_size, if it is available in the
data acl.)


> This is working well enough, but I'd like to skip these tests under
> certain conditions:
> 
>       * if the sender is on the localhost
>       * if the message wasn't originally sent with SMTP
>         (I have scripts on the server which send mail to me
>         by calling Exim directly)
>       * if the sender is authenticated
> 

For non-SMTP the data acl is not used.
The following outline is roughly based on the rules we use.
It is something that *could* work, but it is not tested.
I like to set the reject threshold in Exim, not in SA.

    accept  senders = localhost
    accept  authenticated = *
    accept  condition = ${if >={$message_size}{10k}}
            add_header = X-Spam-Comment: not scanned

    deny    spam = nobody:true
            condition = ${if >{$spam_score_int}{120}}

    accept  add_header = X-Spam-…\n\
            …

It get's a little bit more complicated if you want to scan for viruses
too, but want the virus scan without exceptions. Then some "sub-acl"
might help you to keep the structure clean.


    is_trusted:
        accept  senders = localhost
        accept  senders = +relay_from_hosts
        accept  authenticated = *
        deny

    acl_check_data:

        …
        accept  acl = is_trusted
        …

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -

Attachment: signature.asc
Description: Digital signature

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to