[SA-exim] removing existing SA headers

Chad Leigh -- Shire.Net LLC chad at shire.net
Mon May 3 15:23:13 PDT 2010


On May 2, 2010, at 3:51 PM, Marc MERLIN wrote:

> On Tue, Apr 27, 2010 at 10:01:38AM -0600, Chad Leigh -- Shire.Net LLC wrote:
>> 
>> I know this was discussed before on the exim list (by me in fact  many many moons ago), but I wanted to get clarification on what is supposed to happen.
> 
> So first, that wasn't your question but I suppose it's not surprise to
> anyone here that SA-Exim is in maintenance mode at best.

Sure.

> I actually only recently noticed that the Debian SA-Exim maintainer fixed
> some compilation problems between SA-Exim and newer versions of Exim (good)
> without even reporting them back to me and giving me a chance to fix them
> upstream (bad).

That is not very nice.

> That said, SA-Exim just works for me still, most people have gone with
> exiscan since it's built in into Exim, and while exiscan isn't as powerful
> as SA-Exim in what it does spam and spammer wise, it's good enough for most,
> so they don't bother looking for other options like SA-Exim (can't blame
> them I suppose).

I have been using SA-exim since forever -- why "fix" something that isn't broke ;-)

I have also been using the SA-exim greylisting as well snice like forever

> 
> Anyway, all this to say that I had to go back and read my old code since I
> just don't even quite remember it :)

You're welcome ;-)

> 
>> A friends server that I help run is also running mailman.  
>> 
>> A member of one of his mail lists posts and SA thinks it is a spam when it first is accepted by exim and then passed to mailman, which resends it.  This resend is now originating from the server and so we do not rerun SA as we have a rule that all email that originates on the server do not run SA.   However, the old SA headers are still being picked up by rules.  I thought that sa-exim would remove the old headers
> 
> Yep, the code says so.
> 
> But my guess is that mailman resends your Email outside without filtering it
> through SA-Exim since it's local Email and therefore not spam.
> If you want to remove those SA-Exim headers, they'd have to be removed
> by Exim's remote_smtp transport before you send your mailman messages back out.

I will look at the stuff below and try it out or something similar.

SA-exim does seem to get run again on the resend though, since the headers

> x-sa-exim-connect-ip: 209.41.94.251
> x-sa-exim-mail-from: roselawn-bounces at object.com
> x-sa-exim-scanned: No (on mail.object.com); SAEximRunCond expanded to false

are there from the second time.  It does not run the scanner, but sa-exim glue is run and it inserts the headers!  Am I understanding it wrong?

> 
> remote_smtp:
>  debug_print = "T: remote_smtp for $local_part@$domain"
>  driver = smtp
>  # This deals with misocnfigurations like this one that redirect mail to us
>  # (i.e. 'mail' is unqualified and resolves back to us)
>  # worldclasssportfishing.net      MX      30 mail
>  dns_qualify_single = false
>  # This fixes a problem if TLS is enabled where a misunderstanding on the RFC
>  # can cause comunication failure between two hosts
>  hosts_nopass_tls = *
>  hosts_avoid_tls = +hosts_avoid_tls
>  hosts_try_auth = +hosts_try_auth
>  # This is generally set on messages originating from local users and it tells
>  # SA-Exim not to scan the message or that the message was scanned.
>  # Let's remove these headers if the message is sent remotely
>  headers_remove = "X-SA-Do-Not-Run:X-SA-Exim-Scanned:X-SA-Exim-Rcpt-From:X-SA-Exim-Rcpt-To:X-SA-Exim-Ver
> sion"
> 
> 
> Marc
> -- 
> "A mouse is a device used to point at the xterm you want to type in" - A.S.R.
> Microsoft is to operating systems & security ....
>                                      .... what McDonalds is to gourmet cooking
> Home page: http://marc.merlins.org/  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.merlins.org/archives/sa-exim/attachments/20100503/b2aba920/attachment-0001.htm 


More information about the SA-Exim mailing list