Differences between version 22 and predecessor to the previous major change of EximMailFilter.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 22 | Last edited on Thursday, November 17, 2005 11:17:41 am | by CraigBox | Revert |
| Older page: | version 14 | Last edited on Wednesday, June 8, 2005 11:37:22 am | by CraigBox | Revert |
@@ -85,8 +85,21 @@
<pre>
# itp: set SpamAssassin path
#
spamd_address = 127.0.0.1 783
+</pre>
+
+If you are running SpamAssassin on the local machine and don't like the idea of opening any more TCP sockets than you have to, add the following to the /etc/default/spamassassin OPTIONS line:
+<pre>
+--socketpath=/var/run/spamd.ctl
+</pre>
+
+and set exim's configuration to read:
+
+<pre>
+# itp: set SpamAssassin path
+#
+spamd_address = /var/run/spamd.ctl
</pre>
!Really spammy stuff
@@ -189,4 +202,73 @@
deny message = Serious MIME defect detected ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
</pre>
+
+Recent exiscans (including the one included with Exim 4.50) have deprecated demime, instead adding a acl_smtp_mime ACL. This is more powerful than the precvious demime, but as always, is more complex to get the above features.
+
+See http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050523/msg00117.html for a thread on this. (there are many typo's in the original post that are fixed below). Add something like the following:
+
+<pre>
+ # Decode MIME parts to disk. This will support virus scanners later.
+ deny
+ decode = default
+ condition = ${if > {$mime_anomaly_level}{2} \
+ {true}{false}}
+ message = This message contains a MIME error ($mime_anomaly_text)
+ log_message = DENY: MIME Error ($mime_anomaly_text)
+
+ # Too many MIME parts
+ #
+ deny
+ condition = ${if >{$mime_part_count}{1024}{yes}{no}}
+ message = MIME error: Too many parts (max 1024)
+ log_message = DENY: MIME Error (Too many MIME parts: $mime_part_count)
+
+ # Excessive line length
+ #
+ # BEWARE: Exim 4.50 has a bug that means regex's don't work in the MIME ACL. Don't use
+ # in that case !
+ deny
+ regex = ^.{131071}
+ message = MIME error: Line length in message or single header exceeds 131071.
+ log_message = DENY: MIME Error (Maximum line length exceeded)
+
+ # Partial message
+ #
+ deny
+ condition = ${if eq {$mime_content_type}{message/partial}{yes}{no}}
+ message = MIME error: MIME type message/partial not allowed here
+ log_message = DENY: MIME Error (MIME type message/partial found)
+
+ # Filename length too long (> 255 characters)
+ #
+ deny
+ condition = ${if >{${strlen:$mime_filename}}{255}{yes}{no}}
+ message = MIME error: Proposed filename exceeds 255 characters
+ log_message = DENY: MIME Error (Proposed filename too long)
+
+ # MIME boundary length too long (> 1024)
+ #
+ deny
+ condition = ${if >{${strlen:$mime_boundary}}{1024}{yes}{no}}
+ message = MIME error: MIME boundary length exceed 1024 characters
+ log_message = DENY: MIME Error (Boundary length too long)
+
+ # File extension filtering.
+ deny
+ condition = ${if match \
+ {${lc:$mime_filename}} \
+ {\N(\.bat|\.btm|\.cmd|\.com|\.cpl|\.dll|\.exe|\.lnk|\.msi|\.pif|\.prf|\.reg|\.scr|\.vbs|\.url)$\N} \
+ {1}{0}}
+ message = Blacklisted file extension detected in "$mime_filename". If you legitimately need to send these files please zip them first.
+ log_message = DENY: Blacklisted extension ("$mime_filename")
+
+ # accept otherwise
+ accept
+</pre>
+
+Unfortunately because of a bug in exim 4.50 you may see "cannot test regex condition in MIME ACL". This stops you doing the Line Length check. This is described here:
+
+http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050307/msg00131.html
+
+You can tweak the values for Proposed filename, MIME boundary length and Line Length to work for your users Some mailers conform more strictly to the MIME spec than others.
