Re: SA-Exim and acls



On Fri, Dec 12, 2008 at 05:50:10PM +1030, David Purton wrote:
On Fri, Dec 12, 2008 at 12:34:57AM -0600, lee wrote:
On Fri, Dec 12, 2008 at 12:26:10AM +1030, David Purton wrote:

acl_check_rcpt:
warn hosts = :
set acl_m0 = do-not-scan

then in sa-exim.conf I have

SAEximRunCond: ${if !eq {$acl_m0}{do-not-scan} {1}{0}}


Shouldn't that refer to the hosts exim is relaying mail for? The : in
"warn hosts = :" makes for an empty host list, so what you're trying
to do will not apply to any hosts.

I have an acl for that too - the above is an example that matches for
when exim is called via commandline by an MUA such as mutt.

In that case, there is no SMTP involved, and acl_smtp_rcpt is not
being run. The condition is misplaced, like all the others in the
readme you're using except for the first one. The acl_smtp_rcpt is for
*recipients*, being run for *every* recipient of a message. The other
conditions in the readme need to go into other ACLs, and you need an
extra one for non-smtp messages.

And if your acl_check_rcpt is acl_smtp_rcpt, that doesn't seem the
right place to do it.

I gather it is if you are using sa-exim.

It's about what these ACLs are for. sa-exim doesn't change how exim
does things.

There are some advantages that
I like that sa-exim provides over using exim's exiscan technique as you
are using. The reason for putting the acl in the rcpt is that some
variables are available at the time that spamassassin is called by the
sa-exim plugin - so you set acl_m0 at this point and test it later - at
least I *think* this is how it works.

I'm following the sa-exim readme:

http://marc.merlins.org/linux/exim/files/sa-exim-cvs/README

Take a look at the exim documentation
(http://exim.org/exim-pdf-current/doc/spec.pdf) and at the sample
configuration (/usr/share/doc/exim4/examples/example.conf.gz). The
readme is a good example, just the conditions have been put into the
wrong ACL.

If I can't get it to work, then I might move to using exiscan, but I
like spamassassin's report_safe, which I understood was not available
using exiscan. Is this right?

Isn't report_save a configuration option of spamassassin? If you can
configure spamd that way, it should work. It's easier to set up, too.

But you can get it to work, just put the conditions into the right
ACLs and check how the variables are handled by exim. I think the
acl_m* variables have been designed to carry information from one ACL
to another, so using the right ACLs shouldn't be a problem.


--
"Don't let them, daddy. Don't let the stars run down."
http://adin.dyndns.org/adin/TheLastQ.htm


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx