Commit | Line | Data |
---|---|---|
de45f55a AM |
1 | |
2 | ### acl/40_exim4-config_check_data | |
3 | ################################# | |
4 | ||
5 | # This ACL is used after the contents of a message have been received. This | |
6 | # is the ACL in which you can test a message's headers or body, and in | |
7 | # particular, this is where you can invoke external virus or spam scanners. | |
8 | ||
9 | acl_check_data: | |
10 | ||
0baa7b9d SB |
11 | # Deny if the message contains an overlong line. Per the standards |
12 | # we should never receive one such via SMTP. | |
13 | # | |
14 | .ifndef IGNORE_SMTP_LINE_LENGTH_LIMIT | |
15 | deny message = maximum allowed line length is 998 octets, \ | |
16 | got $max_received_linelength | |
17 | condition = ${if > {$max_received_linelength}{998}} | |
18 | .endif | |
19 | ||
01e60269 | 20 | # Deny if the headers contain badly-formed addresses. |
de45f55a | 21 | # |
01e60269 | 22 | .ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX |
de45f55a | 23 | deny |
de45f55a AM |
24 | !acl = acl_local_deny_exceptions |
25 | !verify = header_syntax | |
01e60269 AM |
26 | message = header syntax |
27 | log_message = header syntax ($acl_verify_message) | |
de45f55a AM |
28 | .endif |
29 | ||
30 | ||
31 | # require that there is a verifiable sender address in at least | |
32 | # one of the "Sender:", "Reply-To:", or "From:" header lines. | |
33 | .ifdef CHECK_DATA_VERIFY_HEADER_SENDER | |
34 | deny | |
35 | message = No verifiable sender address in message headers | |
36 | !acl = acl_local_deny_exceptions | |
37 | !verify = header_sender | |
38 | .endif | |
39 | ||
40 | ||
41 | # Deny if the message contains malware. Before enabling this check, you | |
42 | # must install a virus scanner and set the av_scanner option in the | |
43 | # main configuration. | |
44 | # | |
45 | # exim4-daemon-heavy must be used for this section to work. | |
46 | # | |
47 | # deny | |
48 | # malware = * | |
49 | # message = This message was detected as possible malware ($malware_name). | |
50 | ||
51 | ||
52 | # Add headers to a message if it is judged to be spam. Before enabling this, | |
01e60269 | 53 | # you must install SpamAssassin. You may also need to set the spamd_address |
de45f55a AM |
54 | # option in the main configuration. |
55 | # | |
56 | # exim4-daemon-heavy must be used for this section to work. | |
57 | # | |
01e60269 AM |
58 | # Please note that this is only suiteable as an example. See |
59 | # /usr/share/doc/exim4-base/README.Debian.gz | |
de45f55a AM |
60 | # |
61 | # See the exim docs and the exim wiki for more suitable examples. | |
62 | # | |
01e60269 | 63 | # # Remove internal headers |
de45f55a | 64 | # warn |
01e60269 AM |
65 | # remove_header = X-Spam_score: X-Spam_score_int : X-Spam_bar : \ |
66 | # X-Spam_report | |
67 | # | |
68 | # warn | |
69 | # condition = ${if <{$message_size}{120k}{1}{0}} | |
70 | # # ":true" to add headers/acl variables even if not spam | |
71 | # spam = nobody:true | |
72 | # add_header = X-Spam_score: $spam_score | |
73 | # add_header = X-Spam_bar: $spam_bar | |
74 | # # Do not enable this unless you have shorted SpamAssassin's report | |
75 | # #add_header = X-Spam_report: $spam_report | |
76 | # | |
77 | # Reject spam messages (score >15.0). | |
78 | # This breaks mailing list and forward messages. | |
79 | # deny | |
80 | # message = Classified as spam (score $spam_score) | |
81 | # condition = ${if <{$message_size}{120k}{1}{0}} | |
82 | # condition = ${if >{$spam_score_int}{150}{true}{false}} | |
de45f55a AM |
83 | |
84 | ||
85 | # This hook allows you to hook in your own ACLs without having to | |
86 | # modify this file. If you do it like we suggest, you'll end up with | |
87 | # a small performance penalty since there is an additional file being | |
88 | # accessed. This doesn't happen if you leave the macro unset. | |
89 | .ifdef CHECK_DATA_LOCAL_ACL_FILE | |
90 | .include CHECK_DATA_LOCAL_ACL_FILE | |
91 | .endif | |
92 | ||
93 | ||
94 | # accept otherwise | |
95 | accept |