X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/exim-config/blobdiff_plain/aa935c91390b4ed5f4cab4e9d55e702bd828edfe..5d2f8b656ffbe668f50ac5354dc0b37210032576:/spam.m4 diff --git a/spam.m4 b/spam.m4 index 350dcd2..c51bc36 100644 --- a/spam.m4 +++ b/spam.m4 @@ -25,57 +25,87 @@ DIVERT(null) ###-------------------------------------------------------------------------- ### Spam filtering. -SECTION(global, policy)m4_dnl -spamd_address = CONF_spamd_address CONF_spamd_port - -SECTION(routers, allspam)m4_dnl -## If we're verifying an address and the recipient has a `~/.mail/spam-limit' -## file, then look up the recipient and sender addresses to find a plausible -## limit and insert it into the `address_data' where the RCPT ACL can find -## it. This router always declines, so it doesn't affect the overall outcome -## of the verification. -fetch_spam_limit: +## The Exim documentation tells lies. +## +## : *${run{*<_command_>* *<_args_>*}{*<_string1_>*}{*<_string2_>*}}* +## : The command and its arguments are first expanded separately, [...] +## +## They aren't. The whole command-and-args are expanded together, and then +## split at unquoted spaces. This unpleasant hack sorts out the mess. +m4_define(<:SHQUOTE:>, <:"${rxquote:$1}":>) + +## Utilities for collecting spam limits. +m4_define(<:SPAMLIMIT_CHECK:>, + <:${if match{$1}{\N^-?[0-9]+$\N} {spam_limit=$1} {}}:>) + +m4_define(<:SPAMLIMIT_ROUTER:>, +<:$1: driver = redirect data = :unknown: verify_only = true - local_part_suffix = CONF_user_suffix_list - local_part_suffix_optional = true - check_local_user - address_data = \ + condition = ${if !eq{$acl_c_mode}{submission}} + condition = ${extract{spam_limit}{$address_data}{false}{true}}:>) + +m4_define(<:SPAMLIMIT_SET:>, + <:address_data = \ ${if def:address_data {$address_data}{}} \ - ${if exists {CONF_userconf_dir/spam-limit} \ - {${lookup {$local_part_prefix\ - $local_part\ - $local_part_suffix\ - @$domain/\ - $sender_address} \ - nwildlsearch {CONF_userconf_dir/spam-limit} \ - {spam_limit=$value} \ - {}}} \ - {}} \ - ${if exists {CONF_userconf_dir/spam-limit.userv} \ - {${run {timeout 5s -- \ - userv $local_part exim-spam-limit \ - $sender_address \ - $local_part_prefix \ - $local_part \ - $local_part_suffix \ - @$domain} \ - {${if match{$value}{\N^[0-9]+$\N} \ - {spam_limit=$value} \ - {}}} \ - {}}} \ - {}} + m4_ifelse(<:$2:>, <::>, <::>, <:$2 \ + :>)$1:>) + +m4_define(<:SPAMLIMIT_LOOKUP:>, + <:condition = ${if exists{$1}} + SPAMLIMIT_SET(<:${lookup {$2@$3/$4} nwildlsearch {$1} \ + {SPAMLIMIT_CHECK(<:$value:>)}}:>, <:$5:>):>) + +m4_define(<:SPAMLIMIT_USERV:>, + <:SPAMLIMIT_SET(<:${run {/usr/bin/timeout 5s \ + /usr/bin/userv CONF_userv_opts \ + SHQUOTE($1) exim-spam-limit \ + SHQUOTE($4) \ + SHQUOTE($2) SHQUOTE(@$3)} \ + {SPAMLIMIT_CHECK(<:$value:>)}}:>, <:$5:>):>) + +m4_define(<:GET_ADDRDATA:>, + <:extract{<:$1:>}{${if def:address_data{$address_data}{}}}:>) + +SECTION(global, policy)m4_dnl +spamd_address = CONF_spamd_address CONF_spamd_port SECTION(acl, rcpt-hooks)m4_dnl ## Do per-recipient spam-filter processing. require acl = rcpt_spam SECTION(acl, misc)m4_dnl -rcpt_spam: +skip_spam_check: - ## If the client is trusted, don't bother with any of this. + ## If the client is trusted, or this is a new submission, don't + ## bother with any of this. We will have verified the sender + ## fairly aggressively before granting this level of trust. accept hosts = +trusted + accept condition = ${if eq{$acl_c_mode}{submission}} + + ## If all domains have disabled spam checking then don't check. + accept !condition = $acl_c_spam_check_domain + + ## Otherwise we should check. + deny + +rcpt_spam: + + ## If this is a virtual domain, and it says `spam-check=no', then we + ## shouldn't check spam. But we can't check domains at DATA time, so + ## instead we must track whether all recipients have disabled + ## checking. + warn !domains = ${if exists{CONF_sysconf_dir/domains.conf} \ + {partial0-lsearch; CONF_sysconf_dir/domains.conf} \ + {}} + set acl_c_spam_check_domain = true + warn !condition = $acl_c_spam_check_domain + condition = DOMKV(spam-check, {${expand:$value}}{true}) + set acl_c_spam_check_domain = true + + ## See if we should do this check. + accept acl = skip_spam_check ## Always accept mail to `postmaster'. Currently this is not ## negotiable; maybe a tweak can be added to `domains.conf' if @@ -87,12 +117,17 @@ rcpt_spam: ## during recipient verification. (This just saves duplicating this ## enormous expression.) warn set acl_m_this_spam_limit = \ - ${sg {${extract {spam_limit} \ - {${if def:address_data \ - {$address_data}{}}} \ - {$value}{nil}}} \ + ${sg {${GET_ADDRDATA(spam_limit){$value}{nil}}} \ {^(|.*\\D.*)\$}{CONF_spam_max}} + warn condition = ${GET_ADDRDATA(user){true}{false}} + set acl_m_spam_users = \ + ${if def:acl_m_spam_users {$acl_m_spam_users::}{}}\ + ${GET_ADDRDATA(user) \ + {$value=${sg{$local_part@$domain}\ + {([!:])}{!\$1}}} \ + fail} + ## If there's a spam limit already established, and it's different ## from this user's limit, then the sender will have to try this user ## again later. @@ -111,27 +146,23 @@ rcpt_spam: ## All done. accept -SECTION(acl, data-spam)m4_dnl +SECTION(acl, data-hooks)m4_dnl ## Do spam checking. require acl = data_spam SECTION(acl, misc)m4_dnl data_spam: - ## If the client is trusted, don't bother with any of this. - accept hosts = +trusted + ## See if we should do this check. + accept acl = skip_spam_check ## Check header validity. require verify = header_syntax ## Check the message for spam, comparing to the configured limit. - deny spam = exim:true - message = Tinned meat product detected ($spam_score) - condition = ${if >{$spam_score_int}{$acl_m_spam_limit} \ - {true}{false}} + warn spam = exim:true - ## Insert headers from the spam check now that we've decided to - ## accept the message. + ## Format some reporting stuff. warn ## Convert the limit (currently 10x fixed point) into a @@ -178,14 +209,28 @@ data_spam: ## Undo the escaping. set acl_m_spam_tests = ${sg{$acl_m_spam_tests}{!(.)}{\$1}} - ## Insert the headers. - add_header = X-SpamAssassin-Score: \ + ## If we've decided to reject, then leave a dropping in the log file + ## so that users can analyse rejections for incoming messages, and + ## tell the sender to get knotted. + deny message = Tinned meat product detected ($spam_score) + log_message = Spam rejection \ + score=$spam_score \ + limit=$acl_m_spam_limit_presentation \ + tests=$acl_m_spam_tests \ + users=$acl_m_spam_users + condition = ${if >{$spam_score_int}{$acl_m_spam_limit} \ + {true}{false}} + + ## Insert headers from the spam check now that we've decided to + ## accept the message. + warn + ADD_HEADER(<:X-CONF_header_token-SpamAssassin-Score: \ $spam_score/$acl_m_spam_limit_presentation \ - ($spam_bar) - add_header = X-SpamAssassin-Status: \ + ($spam_bar):>) + ADD_HEADER(<:X-CONF_header_token-SpamAssassin-Status: \ score=$spam_score, \ limit=$acl_m_spam_limit_presentation, \n\t\ - tests=$acl_m_spam_tests + tests=$acl_m_spam_tests:>) ## We're good. accept