~mdw
/
exim-config
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
base.m4, vhost.m4: Very hacky DH field-size limitation.
[exim-config]
/
spam.m4
diff --git
a/spam.m4
b/spam.m4
index
350dcd2
..
5d72365
100644
(file)
--- a/
spam.m4
+++ b/
spam.m4
@@
-43,17
+43,21
@@
fetch_spam_limit:
check_local_user
address_data = \
${if def:address_data {$address_data}{}} \
check_local_user
address_data = \
${if def:address_data {$address_data}{}} \
- ${if exists {CONF_userconf_dir/spam-limit} \
+ ${if and {{!eq{$acl_c_mode}{submission}} \
+ {exists {CONF_userconf_dir/spam-limit}}} \
{${lookup {$local_part_prefix\
$local_part\
$local_part_suffix\
@$domain/\
$sender_address} \
nwildlsearch {CONF_userconf_dir/spam-limit} \
{${lookup {$local_part_prefix\
$local_part\
$local_part_suffix\
@$domain/\
$sender_address} \
nwildlsearch {CONF_userconf_dir/spam-limit} \
- {spam_limit=$value} \
+ {${if match{$value}{\N^-?[0-9]+$\N} \
+ {spam_limit=$value} \
+ {}}} \
{}}} \
{}} \
{}}} \
{}} \
- ${if exists {CONF_userconf_dir/spam-limit.userv} \
+ ${if and {{!eq{$acl_c_mode}{submission}} \
+ {exists {CONF_userconf_dir/spam-limit.userv}}} \
{${run {timeout 5s -- \
userv $local_part exim-spam-limit \
$sender_address \
{${run {timeout 5s -- \
userv $local_part exim-spam-limit \
$sender_address \
@@
-61,7
+65,7
@@
fetch_spam_limit:
$local_part \
$local_part_suffix \
@$domain} \
$local_part \
$local_part_suffix \
@$domain} \
- {${if match{$value}{\N^[0-9]+$\N} \
+ {${if match{$value}{\N^
-?
[0-9]+$\N} \
{spam_limit=$value} \
{}}} \
{}}} \
{spam_limit=$value} \
{}}} \
{}}} \
@@
-72,10
+76,21
@@
SECTION(acl, rcpt-hooks)m4_dnl
require acl = rcpt_spam
SECTION(acl, misc)m4_dnl
require acl = rcpt_spam
SECTION(acl, misc)m4_dnl
-
rcpt_spam
:
+
skip_spam_check
:
- ## If the client is trusted, don't bother with any of this.
+ ## If the client is trusted, or this is a new submission, don't
+ ## bother with any of this. We will have verified the sender
+ ## fairly aggressively before granting this level of trust.
accept hosts = +trusted
accept hosts = +trusted
+ accept condition = ${if eq{$acl_c_mode}{submission}}
+
+ ## Otherwise we should check.
+ deny
+
+rcpt_spam:
+
+ ## See if we should do this check.
+ accept acl = skip_spam_check
## Always accept mail to `postmaster'. Currently this is not
## negotiable; maybe a tweak can be added to `domains.conf' if
## Always accept mail to `postmaster'. Currently this is not
## negotiable; maybe a tweak can be added to `domains.conf' if
@@
-118,8
+133,8
@@
SECTION(acl, data-spam)m4_dnl
SECTION(acl, misc)m4_dnl
data_spam:
SECTION(acl, misc)m4_dnl
data_spam:
- ##
If the client is trusted, don't bother with any of this
.
- accept
hosts = +trusted
+ ##
See if we should do this check
.
+ accept
acl = skip_spam_check
## Check header validity.
require verify = header_syntax
## Check header validity.
require verify = header_syntax