[SA-exim] A little help on SAEximRunCond & rcpt domain based
lookups
Sander Smeenk
ssmeenk at freshdot.net
Sun Jun 8 21:57:08 PDT 2003
Quoting Chirik (chirik at castlefur.com):
> Instead, do the checks during the master check_rcpt acl, and set one of
> the 'acl_m#' variables,
I did what you suggested. And this works. I can now switch on and off
the spamassassin scans from within my policy file for each domain
seperately.
> Note, this will result in SAEximRunCond being true if *any* domain for *any*
> recipient has it set true. You can adjust it to default to run, and set it
> to not run if any domain doesn't want SA run, instead, if you'd like.
Whoo :) You lost me.
If a message comes in with, say, two RCPT TO:'s, and one of them has
spamassassin=yes in it's policy, and the other hasn't, the message will
get scanned? That's ok I think. Wouldn't the same happen when I default
to scan, and set for specific domains not to scan?
Wouldn't it be the same? One has exim-sa set to not run, so both RCPT
TO's won't get scanned?
> Personally, I think using the acl_m# variables for this purpose is better
> than using headers - they get reset when a new message is started, and you
> don't have to take precautions to prevent SA not being run if they happen to
> be set on an inbound message ... unless you want that, of course.
Funny is that I didn't come to think of setting acl_m# variables. I
thought they wouldn't be available in SAEximRunCond either, because they
are ACL variables.
But, yes, I want to scan incoming messages. Unless the message was received
from localhost / localIP or the 'don't scan' header is set :)
But SAEximRunCond has correct {eq{}{}} things for that.
> In my case, I use acl_m0 as a signal to whether to run spamassassin,
> and whether or not to reject messages or just flag (I set it to
> 'do-not-reject' in acl_check_rcpt, and that is overridden by
> 'do-not-run' in acl_check_data) I use acl_m1 as a count of recipients
> I accepted, or would have accepted, were I not lying and telling the
> remote site that anything they tried was invalid because they were
> just guessing at usernames. ;-)
I'll first see how this works out before I start doing kinky stuff like
making rejecting optional ;)
> I really like exim, and it works great for my home systems - I'm looking for
> alternatives to deploy at my company, and I'm not sure exim is appropriate
> there. :-/
Hmm, with exim4's ACL's I have the idea anything is possible ;)
Thanks alot for helping me out this much... I'll continue doing tests
now!
Sander.
--
| I doubt, therefore I might be.
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8 9BDB D463 7E41 08CE C94D
More information about the SA-Exim
mailing list