[SA-exim] SAEximRunCond expanded to false

Tim Jackson lists at timj.co.uk
Mon Jun 6 14:36:22 PDT 2005


On Sun, 05 Jun 2005 01:07:28 -0400
fred <fred at ringwald.org> wrote:

> SAEximRunCond: ${if and {{def:sender_host_address} {!eq
> {$sender_host_address}{127.0.0.1}} {!eq {$h_X-SA-Do-Not-Run:}{Yes}} }
> {1}{0}}
> is evaluated as false and decides not to scan.

[...]

> 2005-06-05 01:01:01 1DenFt-0002ap-2J SA: Action: Not running SA
> because SAEximRunCond expanded to false (Message-Id:
> 1DenFt-0002ap-2J). From <RealTimeEmail+USRT--
> I4Q5w3dB40 at bounces.amazon.com> (host=localhost [127.0.0.1]) for
> fred at localhost

Right, so all your messages are coming from localhost. That's why
SAEximRunCond evaluates to false. You say later on that you are using
fetchmail, which explains it, because fetchmail is receiving the
mails and then passing them to Exim - thus, the mails naturally
originate from localhost (because fetchmail is running on your local
machine).

> I am guessing that my exim4 configuration is telling sa-exim that all
> incoming mail is coming from 127.0.0.1. 

It's not your Exim configuration telling SAExim anything; it's a
matter of fact that the mail *IS* coming from 127.0.0.1.

> However, I can't figure out how to tell it otherwise.

You don't. You need to change your SAEximRunConf so that it *does* scan
mail coming from 127.0.0.1, if you're going to carry on using
fetchmail. If you do this, however, please make sure you configure
fetchmail such that it doesn't create bounces when SA-Exim rejects
mail, because otherwise you will spam third parties who have been
unlucky enough to have their addresses forged in the envelope senders
of spam. This will, unfortunately, have the side effect of meaning that
any mails incorrectly rejected by SA-Exim will disappear into a
blackhole without anyone knowing about it.  This just illustrates the
fact that spam scanning is better done at the "front line" rather than
after the mail has been accepted and delivered to a mailbox. In other
words, you would be better getting your upstream provider to do the
scanning. If they can't or won't, consider whether you would be better
using a tool such as spam tools built into your e-mail client, rather
than using SA-Exim, which was really intended for use on frontline e-
mail servers. Or, you could just tag the mails and filter them into a
separate folder or something.


Tim



More information about the SA-Exim mailing list