[SA-exim] A little help on SAEximRunCond & rcpt domain based lookups

Sander Smeenk ssmeenk at freshdot.net
Sun Jun 8 21:57:08 PDT 2003

Previous message: [SA-exim] Debian package of sa-exim?
Next message: [SA-exim] A little help on SAEximRunCond & rcpt domain based lookups
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Quoting Chirik (chirik at castlefur.com):

>   Instead, do the checks during the master check_rcpt acl, and set one of
> the 'acl_m#' variables,

I did what you suggested. And this works. I can now switch on and off
the spamassassin scans from within my policy file for each domain
seperately.

> Note, this will result in SAEximRunCond being true if *any* domain for *any*
> recipient has it set true.  You can adjust it to default to run, and set it
> to not run if any domain doesn't want SA run, instead, if you'd like.

Whoo :)  You lost me.
If a message comes in with, say, two RCPT TO:'s, and one of them has
spamassassin=yes in it's policy, and the other hasn't, the message will
get scanned? That's ok I think. Wouldn't the same happen when I default
to scan, and set for specific domains not to scan?

Wouldn't it be the same? One has exim-sa set to not run, so both RCPT
TO's won't get scanned?

> Personally, I think using the acl_m# variables for this purpose is better
> than using headers - they get reset when a new message is started, and you
> don't have to take precautions to prevent SA not being run if they happen to
> be set on an inbound message ... unless you want that, of course.

Funny is that I didn't come to think of setting acl_m# variables. I
thought they wouldn't be available in SAEximRunCond either, because they
are ACL variables.

But, yes, I want to scan incoming messages. Unless the message was received
from localhost / localIP or the 'don't scan' header is set :)
But SAEximRunCond has correct {eq{}{}} things for that.

> In my case, I use acl_m0 as a signal to whether to run spamassassin,
> and whether or not to reject messages or just flag (I set it to
> 'do-not-reject' in acl_check_rcpt, and that is overridden by
> 'do-not-run' in acl_check_data) I use acl_m1 as a count of recipients
> I accepted, or would have accepted, were I not lying and telling the
> remote site that anything they tried was invalid because they were
> just guessing at usernames. ;-)

I'll first see how this works out before I start doing kinky stuff like
making rejecting optional ;)

> I really like exim, and it works great for my home systems - I'm looking for
> alternatives to deploy at my company, and I'm not sure exim is appropriate
> there.  :-/

Hmm, with exim4's ACL's I have the idea anything is possible ;)

Thanks alot for helping me out this much... I'll continue doing tests
now!

Sander.
-- 
| I doubt, therefore I might be.
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8  9BDB D463 7E41 08CE C94D

Previous message: [SA-exim] Debian package of sa-exim?
Next message: [SA-exim] A little help on SAEximRunCond & rcpt domain based lookups
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SA-Exim mailing list