725c9874 |
1 | |
2 | ### acl/40_exim4-config_check_data |
3 | ################################# |
4 | |
d2b0a567 |
5 | # This ACL is used after the contents of a message have been received. This |
6 | # is the ACL in which you can test a message's headers or body, and in |
7 | # particular, this is where you can invoke external virus or spam scanners. |
8 | |
725c9874 |
9 | acl_check_data: |
10 | |
11 | # Deny unless the address list headers are syntactically correct. |
12 | # |
13 | # If you enable this, you might reject legitimate mail. |
14 | .ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX |
15 | deny |
16 | message = Message headers fail syntax check |
17 | !acl = acl_whitelist_local_deny |
18 | !verify = header_syntax |
19 | .endif |
20 | |
21 | |
22 | # require that there is a verifiable sender address in at least |
23 | # one of the "Sender:", "Reply-To:", or "From:" header lines. |
24 | .ifdef CHECK_DATA_VERIFY_HEADER_SENDER |
25 | deny |
26 | message = No verifiable sender address in message headers |
27 | !acl = acl_whitelist_local_deny |
28 | !verify = header_sender |
29 | .endif |
30 | |
31 | |
d2b0a567 |
32 | # Deny if the message contains malware. Before enabling this check, you |
33 | # must install a virus scanner and set the av_scanner option in the |
34 | # main configuration. |
35 | # |
36 | # exim4-daemon-heavy must be used for this section to work. |
37 | # |
38 | # deny |
39 | # malware = * |
40 | # message = This message was detected as possible malware ($malware_name). |
41 | |
42 | |
43 | # Add headers to a message if it is judged to be spam. Before enabling this, |
44 | # you must install SpamAssassin. You also need to set the spamd_address |
45 | # option in the main configuration. |
46 | # |
47 | # exim4-daemon-heavy must be used for this section to work. |
48 | # |
49 | # Please note that this is only suiteable as an example. There are |
50 | # multiple issues with this configuration method. For example, if you go |
51 | # this way, you'll give your spamassassin daemon write access to the |
52 | # entire exim spool which might be a security issue in case of a |
53 | # spamassassin exploit. |
54 | # |
55 | # See the exim docs and the exim wiki for more suitable examples. |
56 | # |
57 | # warn |
58 | # spam = Debian-exim:true |
59 | # message = X-Spam_score: $spam_score\n\ |
60 | # X-Spam_score_int: $spam_score_int\n\ |
61 | # X-Spam_bar: $spam_bar\n\ |
62 | # X-Spam_report: $spam_report |
63 | |
06b25c81 |
64 | # hcoop-change: Our more-competent solution |
65 | warn |
66 | # Only run through spamassassin if the user wants this |
67 | condition = ${if exists{/etc/spamassassin/addrs/${local_part}@${domain}}\ |
68 | {yes}{no}} |
69 | spam = nobody:true |
70 | add_header = X-Spam-Score: $spam_score ($spam_bar) |
71 | add_header = X-Spam-Report: $spam_report |
72 | |
d2b0a567 |
73 | |
725c9874 |
74 | # This hook allows you to hook in your own ACLs without having to |
75 | # modify this file. If you do it like we suggest, you'll end up with |
76 | # a small performance penalty since there is an additional file being |
77 | # accessed. This doesn't happen if you leave the macro unset. |
78 | .ifdef CHECK_DATA_LOCAL_ACL_FILE |
79 | .include CHECK_DATA_LOCAL_ACL_FILE |
80 | .endif |
81 | |
82 | |
83 | # accept otherwise |
84 | accept |