[prev in list] [next in list] [prev in thread] [next in thread]
List: exim-users
Subject: Re: [exim] =?utf-8?q?Access_=24domain_in_ACL=3F?=
From: Sebastian Nielsen via Exim-users <exim-users () exim ! org>
Date: 2019-09-16 1:34:43
Message-ID: 000001d56c2e$b8519f30$28f4dd90$ () sebbe ! eu
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
You can set the $domain from RCPT in acl_m0 and then use logwrite $acl_m0
when virus is detected. Then you can also have logic for if you want to
overwrite acl_m0 if its already populated, leave it as-is, or append
recipients.
The reason $domain is not available in DATA is that a email can have
multiple recipients on the same server.
-----Ursprungligt meddelande-----
Från: Exim-users <exim-users-bounces+sebastian=sebbe.eu@exim.org> För Rob
Gunther via Exim-users
Skickat: den 16 september 2019 03:27
Till: Exim Mailing List <exim-users@exim.org>
Ämne: Re: [exim] Access $domain in ACL?
Bummer, I see the $domain variable is not available. RTFM and I see the
following note:
15. Data for message ACLs
In the case of RCPT (but not MAIL or DATA), $domain and $local_part are set
from the argument address. The entire SMTP command is available in
$smtp_command.
That sucks, as I don't know who the recipient is the virus-infected message
is.
Yesterday tried to do my scan in the ACL, which works, and then log when a
message contains a virus in a router but there seems to be no way to write
to the log in a router. In the router, I actually do the scan of the virus
scan result and write the message to disk and stop processing. The message
is then picked up and placed in quarantine, so I thought writing to a log
at that point would be good... but can't figure out any way to write to the
log in the router. Is it really not possible, or am I missing it?
On Mon, Sep 16, 2019 at 8:51 AM Rob Gunther <redrob@gmail.com> wrote:
> I am using acl_smtp_data to execute anti-spam/anti-virus checks.
>
> It works fine.
>
> I'm now trying to use logwrite if the result of the scan indicates the
> message contains a virus. That part is also working, when a virus is
> detected I can write to the log.
>
> The problem is, I want to include the domain of the recipient in the log
> but $domain comes up empty.
>
> I can write the spam score and $sender_address_domain without issue.
>
> What is the requirement for $domain to be populated?
>
>
> Rob
>
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
["smime.p7s" (application/pkcs7-signature)]
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic