From dermot at sciencephoto.com  Mon May 15 11:25:11 2006
From: dermot at sciencephoto.com (Dermot Paikkos)
Date: Mon, 15 May 2006 19:25:11 +0100
Subject: [SA-exim] SAEximRunCond question
Message-ID: <4468D597.605.1D3E5E5D@dermot.sciencephoto.com>

Hi,

Exim 4.5 on Debian (exim4-daemon-light | exim4-daemon-heavy)

I am trying to exclude mail that originates from our domain from
being scanned but can't seem to find the right notation.

I am not sure if I should be modifying the SAEximRunCond to do this
but my experiments make me think this is the way forward.

If I modify the rule so that it has a test for my specific IP address
my emails are not scanned but I can't seem to find a way to exclude
the whole subnet (short of entering every address).

So this works

    SAEximRunCond: ${if and {{def:sender_host_address} {!eq {$sender_host_address}{127.0.0.1}} {!eq {$sender_host_address}{194.???.??.???}} {!eq {$h_X-SA-Do-Not-Run:}{Yes}} } {1}{0}}

but this doesn't

    SAEximRunCond: ${if and {{def:sender_host_address} {!eq {$sender_host_address}{127.0.0.1}} {!eq {$sender_host_address}{194.???.??.???/25}} {!eq {$h_X-SA-Do-Not-Run:}{Yes}} } {1}{0}}

I have commented out the next line as I thought it was only for
testing.

    # Remove or comment out the following line to enable sa-exim
    #SAEximRunCond: 1

I am obviously missing something and I am sorry if my understanding
is off-course but can anyone show me where I am going wrong.

TIA.
Dp.

From amen at oreilly.com  Mon May 15 15:36:07 2006
From: amen at oreilly.com (Bob Amen)
Date: Mon, 15 May 2006 15:36:07 -0700
Subject: [SA-exim] SAEximRunCond question
In-Reply-To: <4468D597.605.1D3E5E5D@dermot.sciencephoto.com>
References: <4468D597.605.1D3E5E5D@dermot.sciencephoto.com>
Message-ID: <44690257.3060104@oreilly.com>

Dermot Paikkos wrote:
> Hi,
>
> Exim 4.5 on Debian (exim4-daemon-light | exim4-daemon-heavy)
>
> I am trying to exclude mail that originates from our domain from
> being scanned but can't seem to find the right notation.
>
> I am not sure if I should be modifying the SAEximRunCond to do this
> but my experiments make me think this is the way forward.
>
No need to do that. Just set a header, thus:

    warn message = X-SA-Do-Not-Run: Yes
         hosts = +relay_from_hosts

where relay_from_hosts is a host lookup such as:

    hostlist relay_from_hosts = +localadds : /etc/exim/acls/relayfromhosts

By setting the X-SA-Do-Not-Run header, the default SA-Exim
configuration file will bypass SA for those hosts that match the host
lookup.

> If I modify the rule so that it has a test for my specific IP address
> my emails are not scanned but I can't seem to find a way to exclude
> the whole subnet (short of entering every address).
>
In the relayfromhosts file you can specify CIDR address lists if you
use iplsearch to do the search.

HTH,
Bob

--
Bob Amen
O'Reilly Media, Inc.
http://www.ora.com/
http://www.oreilly.com/

From dermot at sciencephoto.com  Tue May 16 02:35:30 2006
From: dermot at sciencephoto.com (Dermot Paikkos)
Date: Tue, 16 May 2006 10:35:30 +0100
Subject: [SA-exim] SAEximRunCond question
In-Reply-To: <44690257.3060104@oreilly.com>
References: <4468D597.605.1D3E5E5D@dermot.sciencephoto.com>
Message-ID: <4469AAF2.16631.207FC861@dermot.sciencephoto.com>

On 15 May 2006 at 15:36, Bob Amen wrote:

Thanx Bob,

> No need to do that. Just set a header, thus:
>
> warn message = X-SA-Do-Not-Run: Yes
>      hosts = +relay_from_hosts
>
> where relay_from_hosts is a host lookup such as:
> hostlist relay_from_hosts = +localadds : /etc/exim/acls/relayfromhosts
>
> By setting the X-SA-Do-Not-Run header, the default SA-Exim
> configuration file will bypass SA for those hosts that match the host
> lookup.
>

I see. That header is missing from all my local mail. What acl should
I put that in? Somewhere before acl_check_data?

I am using a split config and I was under the impression that I
shouldn't edit any of the files in conf.d/acl but to customise my
installation by putting all my local settings in a separate file (EG:
conf.d/main/00_myserver_conf) so presumably I'd need something
similar on ~/conf.d/acl.

I have found another method to skip scanning local mail by modifying
the SAEximRunCond rule to read:

    SAEximRunCond: ${if and {{def:sender_host_address} {!eq {${mask:$sender_host_address/25}}{194.???.???.???/25}} {!eq {$h_X-SA-Do-Not-Run:}{Yes}} } {1}{0}}

${mask:$sender_host_address/25} should resolve to our subnet and at
the moment I don't need the $h_X-SA header part.

I am using this method at the moment but I would prefer to use the
acl where I add the X-SA header. I think that's the way it was intended
to work and it might allow for a bit more flexibility.

I am also getting

What acl do I use to add the X-SA-Do-Not-Run header?

TIA.
Dp.

From marc at merlins.org  Tue May 16 07:43:03 2006
From: marc at merlins.org (Marc MERLIN)
Date: Tue, 16 May 2006 07:43:03 -0700
Subject: [SA-exim] SAEximRunCond question
In-Reply-To: <4469AAF2.16631.207FC861@dermot.sciencephoto.com>
References: <4468D597.605.1D3E5E5D@dermot.sciencephoto.com>
 <4469AAF2.16631.207FC861@dermot.sciencephoto.com>
Message-ID: <20060516144303.GN11842@merlins.org>

On Tue, May 16, 2006 at 10:35:30AM +0100, Dermot Paikkos wrote:
> I see. That header is missing from all my local mail. What acl should
> I put that in? Somewhere before acl_check_data?

Your questions are all answered in the documentation.
See:
http://marc.merlins.org/linux/exim/files/sa-exim-cvs/README
EXIM4 INTEGRATION / NOT SCANNING YOUR OWN MAILS

Marc
--
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/ | Finger marc_f at merlins.org for PGP key
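
Added example, not part of the original thread: a Python model of the two subnet forms of SAEximRunCond posted above, showing why a string `eq` against an address with `/25` appended excludes nothing while the `${mask:...}` form does. The network 192.0.2.0/25 and the sample addresses are constructed placeholders for the elided 194.x subnet, and `exim_mask` is a simplified, IPv4-only stand-in for Exim's `${mask:}` operator.

```python
import ipaddress

LOCAL_NET = "192.0.2.0/25"  # constructed placeholder for the elided 194.x /25

# Constructed sample values of $sender_host_address ("" = variable not set).
SAMPLES = ["", "127.0.0.1", "192.0.2.10", "192.0.2.200", "203.0.113.5"]


def exim_mask(addr: str, bits: int) -> str:
    """IPv4 model of ${mask:addr/bits}: clear the host bits, return 'net/bits'."""
    net = ipaddress.ip_network(f"{addr}/{bits}", strict=False)
    return f"{net.network_address}/{bits}"


def run_cond_eq_cidr(sender: str, do_not_run: str = "") -> bool:
    """The form reported as not working. True means SA-Exim scans the message."""
    if not sender:                      # def:sender_host_address is false
        return False
    return (sender != "127.0.0.1"
            and sender != LOCAL_NET     # eq compares text: an address never
                                        # equals a string ending in "/25"
            and do_not_run != "Yes")


def run_cond_masked(sender: str, do_not_run: str = "") -> bool:
    """The ${mask:...} form from the follow-up (it has no 127.0.0.1 test)."""
    if not sender:
        return False
    return (exim_mask(sender, 25) != LOCAL_NET  # both sides are now 'net/25'
            and do_not_run != "Yes")


def decisions(cond) -> dict:
    """Evaluate one condition over every sample address."""
    return {s: cond(s) for s in SAMPLES}


if __name__ == "__main__":
    for name, cond in (("eq with /25", run_cond_eq_cidr),
                       ("mask", run_cond_masked)):
        for sender, scan in decisions(cond).items():
            print(f"{name:12} {sender or '(unset)':14} scan={scan}")
```

In the model, 192.0.2.200 is still scanned under the mask form because it masks to 192.0.2.128/25, the other half of the /24, and 127.0.0.1 is scanned as well because that form as posted no longer tests for it.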