X-Git-Url: https://git.distorted.org.uk/~mdw/exim-config/blobdiff_plain/aa935c91390b4ed5f4cab4e9d55e702bd828edfe..953ae20e805848f4ad426b82e82c19789e21bbcc:/spam.m4

diff --git a/spam.m4 b/spam.m4
index 350dcd2..c26abcf 100644
--- a/spam.m4
+++ b/spam.m4
@@ -25,6 +25,15 @@ DIVERT(null)
 ###--------------------------------------------------------------------------
 ### Spam filtering.
 
+## The Exim documentation tells lies.
+##
+## : *${run{*<_command_>* *<_args_>*}{*<_string1_>*}{*<_string2_>*}}*
+## :     The command and its arguments are first expanded separately, [...]
+##
+## They aren't.  The whole command-and-args are expanded together, and then
+## split at unquoted spaces.  This unpleasant hack sorts out the mess.
+m4_define(<:SHQUOTE:>, <:"${rxquote:$1}":>)
+
 SECTION(global, policy)m4_dnl
 spamd_address = CONF_spamd_address CONF_spamd_port
 
@@ -43,25 +52,29 @@ fetch_spam_limit:
 	check_local_user
 	address_data = \
 		${if def:address_data {$address_data}{}} \
-		${if exists {CONF_userconf_dir/spam-limit} \
+		${if and {{!eq{$acl_c_mode}{submission}} \
+			  {exists {CONF_userconf_dir/spam-limit}}} \
 		     {${lookup {$local_part_prefix\
 					$local_part\
 					$local_part_suffix\
 					@$domain/\
 					$sender_address} \
 			       nwildlsearch {CONF_userconf_dir/spam-limit} \
-			       {spam_limit=$value} \
+			       {${if match{$value}{\N^-?[0-9]+$\N} \
+				     {spam_limit=$value} \
+				     {}}} \
 			       {}}} \
 		     {}} \
-		${if exists {CONF_userconf_dir/spam-limit.userv} \
+		${if and {{!eq{$acl_c_mode}{submission}} \
+			  {exists {CONF_userconf_dir/spam-limit.userv}}} \
 		     {${run {timeout 5s -- \
-				userv $local_part exim-spam-limit \
-					$sender_address \
-					$local_part_prefix \
-					$local_part \
-					$local_part_suffix \
-					@$domain} \
-			    {${if match{$value}{\N^[0-9]+$\N} \
+				userv SHQUOTE($local_part) exim-spam-limit \
+					SHQUOTE($sender_address) \
+					SHQUOTE($local_part_prefix) \
+					SHQUOTE($local_part) \
+					SHQUOTE($local_part_suffix) \
+					SHQUOTE(@$domain)} \
+			    {${if match{$value}{\N^-?[0-9]+$\N} \
 				  {spam_limit=$value} \
 				  {}}} \
 			    {}}} \
@@ -72,10 +85,21 @@ SECTION(acl, rcpt-hooks)m4_dnl
 	require	 acl = rcpt_spam
 
 SECTION(acl, misc)m4_dnl
-rcpt_spam:
+skip_spam_check:
 
-	## If the client is trusted, don't bother with any of this.
+	## If the client is trusted, or this is a new submission, don't
+	## bother with any of this.  We will have verified the sender
+	## fairly aggressively before granting this level of trust.
 	accept	 hosts = +trusted
+	accept	 condition = ${if eq{$acl_c_mode}{submission}}
+
+	## Otherwise we should check.
+	deny
+
+rcpt_spam:
+
+	## See if we should do this check.
+	accept	 acl = skip_spam_check
 
 	## Always accept mail to `postmaster'.  Currently this is not
 	## negotiable; maybe a tweak can be added to `domains.conf' if
@@ -118,8 +142,8 @@ SECTION(acl, data-spam)m4_dnl
 SECTION(acl, misc)m4_dnl
 data_spam:
 
-	## If the client is trusted, don't bother with any of this.
-	accept	 hosts = +trusted
+	## See if we should do this check.
+	accept	 acl = skip_spam_check
 
 	## Check header validity.
 	require	 verify = header_syntax