From marc at merlins.org Sat Apr 4 14:40:43 2009 From: marc at merlins.org (Marc MERLIN) Date: Sat, 4 Apr 2009 14:40:43 -0700 Subject: [SA-exim] sa-exim thankyou, and a tweak In-Reply-To: <49D71B09.4010400@zomo.co.uk> References: <49D71B09.4010400@zomo.co.uk> Message-ID: <20090404214043.GG24488@merlins.org> On Sat, Apr 04, 2009 at 09:32:09AM +0100, lemon wrote: > Hi Marc, > > Firstly, thanks for sa-exim. It has consistently helped me not drown in > spam, and has kept the (very small scale) email hosting I run clean. Glad to hear it's working for you. I now wrote this almost 7 years ago and as you probably noticed, haven't changed it much recently, especially since exiscan got merged with exim. While it's inferior in some capabilities, it's good enough for most. > I thought I'd get in touch 'cos I recently patched sa-exim.c to allow > SAspamcPort to be an Exim expansion string. > > My motive for this is that I still want to spam check authenticated SMTP > sessions to guard against compromised accounts being used for sending > spam which would break all my hosting AUPs etc. That makes sense. > What I now do is change the SAspamcPort for authenticated sessions to a > different spamd, reserved just for these traffic. Authenticating senders > no longer have to wait whilst the normal, inbound, spamds are doing > their stuff. Good idea. > Anyhow, figured I'd get in touch with the patch, attached. If anything > strikes you as stupid about it I'd appreciate your thoughts. Nah, it looks fine. > From reading the Exim docs I believe it's safe to not have to worry > about expand_string's allocation of the string it returns a pointer to, > on account of its nifty dynamic allocation stuff. That's my understanding, and I always like to check for null anyway :) I'll keep your patch handy if and when I release another version, although to be honest, I'm not sure if I will release another version since the userlist is a bit small, I don't see the point of trying to compete with exiscan, and the current version works for me :) I'm Ccing the list however so that your patch is available to others who might have a need for it. Cheers, Marc > Thanks again, lemon. > > # SAspamcPort: ${if def:authenticated_id {7832}{783}} > > --- work/sa-exim-4.2/sa-exim.c.orig 2009-04-04 08:59:07.000000000 +0100 > +++ work/sa-exim-4.2/sa-exim.c 2009-04-04 08:59:11.000000000 +0100 > @@ -882,6 +882,14 @@ > log_write(0, LOG_MAIN, "SA: Debug: check succeeded, running spamc"); > } > > + expand=expand_string(SAspamcPort); > + if (expand == NULL) > + { > + PANIC(string_sprintf("SAspamcPort expansion failure on %s", SAspamcPort)); > + } > + SAspamcPort = expand; > + log_write(0, LOG_MAIN, "SA: SAspamcPort is now %s", SAspamcPort); > + > /* Ok, so now that we know we're running SA, we remove the X-Spam headers */ > /* that might have been there */ > RemoveHeaders("X-Spam-"); -- "A mouse is a device used to point at the xterm you want to type in" - A.S.R. Microsoft is to operating systems & security .... .... what McDonalds is to gourmet cooking Home page: http://marc.merlins.org/