lead you to the page.
</simpara>
</listitem>
- <listitem>
- <simpara>
- The Debian Exim 4 packages have their own
- <ulink url="http://pkg-exim4.alioth.debian.org">
- Home Page
- </ulink> which also links to a User FAQ.
- </simpara>
- </listitem>
<listitem>
<para>
The very extensive Upstream documentation is shipped
extremely flexible, allowing you to get exactly the amount of
control you need for the job at hand.
</para>
- <para>
- The <ulink url="http://pkg-exim4.alioth.debian.org"
- type="http">development web page</ulink> contains a lot of
- useful links and other information. The subversion repository
- of the Debian package is available for public read-only access
- and is linked from the development web page.
- </para>
<section> <title>Feature Sets in the daemon packages</title>
<para>
To use Exim 4, you need at least the following packages:
</section>
</section>
</section>
+ <section> <title>Notes on running SpamAssassin at SMTP time</title>
+ <para>
+ Exim can run
+ <ulink url="https://spamassassin.apache.org/">
+ SpamAssassin</ulink> while receiving a message by SMTP which
+ allows one to avoid acceptance of spam messages. The Debian
+ configuration contains some example code for running SpamAssassin,
+ but like all filtering this needs to be handled carefully.
+ </para>
+ <para>
+ SpamAssassin's default report should not be used in a add_header
+ statement since it contains empty lines. (This triggers e.g.
+ Amavis' warning "BAD HEADER SECTION, Improper folded header field
+ made up entirely of whitespace".) This is a safe, terse alternative:
+ <programlisting>
+ clear_report_template
+ report (_SCORE_ / _REQD_ requ) _TESTSSCORES(,)_ autolearn=_AUTOLEARN_
+ </programlisting>
+ </para>
+ <para>
+ Rejecting spam messages: Do not reject spam-messages received on
+ (non-spam) mailing lists, this can/will cause auto-unsubscription.
+ This also applies to messages received via forwarding services
+ (e.g. @debian.org addresses). If theses messages are rejected the
+ forwarding services will need to send a bounce address to the
+ spammer and will probably disable the forwarding if it happens all
+ the time. You will need to have some kind of whitelist to exclude
+ these hosts.
+ </para>
+ <para>
+ Security considerations: By default <command>spamd</command>
+ runs as root and changes uid/gid to the requested user to run
+ SpamAssassin. The example uses SpamAssassin default non-privileged
+ user (nobody) which prevents use of Bayesian filtering since this
+ requires persistent storage. You might want to setup a dedicated
+ user for exim spam scanning and use that one, either for a separate
+ SpamAssassin user profile or to run SpamAssassin as non-privileged
+ user.
+ </para>
+ </section>
</section>
<section> <title>Updating from Exim 3</title>