<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><br><div><div>On May 2, 2010, at 3:51 PM, Marc MERLIN wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div>On Tue, Apr 27, 2010 at 10:01:38AM -0600, Chad Leigh -- <a href="http://Shire.Net">Shire.Net</a> LLC wrote:<br><blockquote type="cite"><br></blockquote><blockquote type="cite">I know this was discussed before on the exim list (by me in fact  many many moons ago), but I wanted to get clarification on what is supposed to happen.<br></blockquote><br>So first, that wasn't your question but I suppose it's not surprise to<br>anyone here that SA-Exim is in maintenance mode at best.<br></div></blockquote><div><br></div>Sure.</div><div><br><blockquote type="cite"><div>I actually only recently noticed that the Debian SA-Exim maintainer fixed<br>some compilation problems between SA-Exim and newer versions of Exim (good)<br>without even reporting them back to me and giving me a chance to fix them<br>upstream (bad).<br></div></blockquote><div><br></div>That is not very nice.</div><div><br><blockquote type="cite"><div>That said, SA-Exim just works for me still, most people have gone with<br>exiscan since it's built in into Exim, and while exiscan isn't as powerful<br>as SA-Exim in what it does spam and spammer wise, it's good enough for most,<br>so they don't bother looking for other options like SA-Exim (can't blame<br>them I suppose).<br></div></blockquote><div><br></div><div>I have been using SA-exim since forever -- why "fix" something that isn't broke ;-)</div><div><br></div>I have also been using the SA-exim greylisting as well snice like forever</div><div><br><blockquote type="cite"><div><br>Anyway, all this to say that I had to go back and read my old code since I<br>just don't even quite remember it :)<br></div></blockquote><div><br></div>You're welcome ;-)</div><div><br><blockquote type="cite"><div><br><blockquote type="cite">A friends server that I help run is also running mailman.  <br></blockquote><blockquote type="cite"><br></blockquote><blockquote type="cite">A member of one of his mail lists posts and SA thinks it is a spam when it first is accepted by exim and then passed to mailman, which resends it.  This resend is now originating from the server and so we do not rerun SA as we have a rule that all email that originates on the server do not run SA.   However, the old SA headers are still being picked up by rules.  I thought that sa-exim would remove the old headers<br></blockquote><br>Yep, the code says so.<br><br>But my guess is that mailman resends your Email outside without filtering it<br>through SA-Exim since it's local Email and therefore not spam.<br>If you want to remove those SA-Exim headers, they'd have to be removed<br>by Exim's remote_smtp transport before you send your mailman messages back out.<br></div></blockquote><div><br></div><div>I will look at the stuff below and try it out or something similar.</div><div><br></div><div>SA-exim does seem to get run again on the resend though, since the headers</div><div><br></div><div><blockquote type="cite"><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span style="font-family: Helvetica; font-size: medium; color: rgb(0, 0, 0); "><b>x-sa-exim-connect-ip: </b></span><span style="font-family: Helvetica; font-size: medium; ">209.41.94.251<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span style="font-family: Helvetica; font-size: medium; color: rgb(0, 0, 0); "><b>x-sa-exim-mail-from: </b></span><span style="font-family: Helvetica; font-size: medium; "><a href="mailto:roselawn-bounces@object.com">roselawn-bounces@object.com</a><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><span style="font-family: Helvetica; font-size: medium; color: rgb(0, 0, 0); "><b>x-sa-exim-scanned: </b></span><span style="font-family: Helvetica; font-size: medium; ">No (on <a href="http://mail.object.com/">mail.object.com</a>); SAEximRunCond expanded to false</span></div></blockquote><br></div><div>are there from the second time.  It does not run the scanner, but sa-exim glue is run and it inserts the headers!  Am I understanding it wrong?</div><br><blockquote type="cite"><div><br>remote_smtp:<br>  debug_print = "T: remote_smtp for $local_part@$domain"<br>  driver = smtp<br>  # This deals with misocnfigurations like this one that redirect mail to us<br>  # (i.e. 'mail' is unqualified and resolves back to us)<br>  # <a href="http://worldclasssportfishing.net">worldclasssportfishing.net</a>      MX      30 mail<br>  dns_qualify_single = false<br>  # This fixes a problem if TLS is enabled where a misunderstanding on the RFC<br>  # can cause comunication failure between two hosts<br>  hosts_nopass_tls = *<br>  hosts_avoid_tls = +hosts_avoid_tls<br>  hosts_try_auth = +hosts_try_auth<br>  # This is generally set on messages originating from local users and it tells<br>  # SA-Exim not to scan the message or that the message was scanned.<br>  # Let's remove these headers if the message is sent remotely<br>  headers_remove = "X-SA-Do-Not-Run:X-SA-Exim-Scanned:X-SA-Exim-Rcpt-From:X-SA-Exim-Rcpt-To:X-SA-Exim-Ver<br>sion"<br><br><br>Marc<br>-- <br>"A mouse is a device used to point at the xterm you want to type in" - A.S.R.<br>Microsoft is to operating systems & security ....<br>                                      .... what McDonalds is to gourmet cooking<br>Home page: <a href="http://marc.merlins.org/">http://marc.merlins.org/</a>  <br></div></blockquote></div><br></body></html>