X-Spam-Score Beachtung in /etc/aliases

Postfix, QMail, Sendmail, Dovecot, Cyrus, Courier, Anti-Spam
mk
Posts: 18
Joined: 2005-09-27 10:44

X-Spam-Score Beachtung in /etc/aliases

Post by mk » 2006-10-22 13:08

Hallo,
eine Frage zum Zusammenspiel von Exim, SA und /etc/aliases.
Ich habe seit geraumer Zeit die (v)Exim/SA/mailman Installation am laufen und es funktioniert auch wunderbar. Bis auf den einen Punkt, dass in mails an Einträge in /etc/aliases der X-Spam-Score geschrieben aber nicht beachtet wird. (seit dem letzten upgrade auf 4.50-8?)
In /etc/aliases stehen postmaster, root und abuse, die an eine Admin-Adresse weitergeleitet werden.

Code: Select all

postmaster: root
abuse: root
root: admin@domain.tld
Mails an root/abuse/postmaster@jede-virtuelle.tld gehen an admin@domain.tld.

Da mein Bedarf an Anatrim, VdIAGRA etc langsam gedeckt ist, meine Frage:
kann mir jemand auf die Sprünge helfen, wo der Fehler liegt? Wie bekomme ich o.g. Adressen auch SA-gefiltert? Neuer Router/Transport, Reihernfolge, ...?

vielen Dank i.v.

Exim: 4.50-8sarge2
SA: 3.1.0a-2
exim4.conf:

Code: Select all

  system_filter = /etc/exim4/system_filter
  system_filter_user = Debian-exim

MAILMAN_HOME=/var/lib/mailman
MAILMAN_WRAP=MAILMAN_HOME/mail/mailman
MAILMAN_USER=list
MAILMAN_GROUP=daemon

MY_IP = ***.***.***.***

VIRTUAL_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'local' AND enabled = '1' AND domain = '${quote_mysql:$domain}'
RELAY_DOMAINS = SELECT DISTINCT domain FROM domains WHERE type = 'relay'  AND domain = '${quote_mysql:$domain}'
ALIAS_DOMAINS = SELECT DISTINCT alias FROM domainalias WHERE alias = '${quote_mysql:$domain}'

domainlist local_domains = @ : ${lookup mysql{VIRTUAL_DOMAINS}} : ${lookup mysql{ALIAS_DOMAINS}}
domainlist relay_to_domains = ${lookup mysql{RELAY_DOMAINS}}
hostlist   relay_from_hosts = localhost
trusted_users = vmail:www-data

hide mysql_servers = localhost::(/var/run/mysqld/mysqld.sock)/vexim/vexim/*******

acl_smtp_rcpt = acl_check_rcpt

acl_smtp_data = acl_check_content

acl_smtp_helo = acl_check_helo

av_scanner = clamd:/var/run/clamav/clamd.ctl

spamd_address = 127.0.0.1 783

exim_user = Debian-exim
exim_group = Debian-exim
never_users = root

host_lookup = *

rfc1413_hosts = *
rfc1413_query_timeout = 0s

ignore_bounce_errors_after = 1d

timeout_frozen_after = 5d

log_selector = +all

begin acl
  .include /etc/exim4/vexim-acl-check-spf.conf
  #.include /usr/local/etc/exim/vexim-acl-check-spf.conf

acl_check_helo:

# Include Vexim specific helo ACLs
  .include /etc/exim4/vexim-acl-check-helo.conf

acl_check_rcpt:

  accept  hosts = :

  .include /etc/exim4/vexim-acl-check-rcpt.conf

  deny    local_parts   = ^.*[@%!/|] : ^\.

  accept  local_parts   = postmaster
          domains       = +local_domains

  accept  domains       = +local_domains
          endpass
          verify        = recipient

  accept  domains       = +relay_to_domains
          endpass
          verify        = recipient

  accept  hosts         = +relay_from_hosts

  accept  authenticated = *

  deny    message       = relay not permitted

acl_check_content:

  .include /etc/exim4/vexim-acl-check-content.conf

  accept
  
begin routers

mailman_router:
  driver = accept
  require_files = MAILMAN_HOME/lists/$local_part/config.pck
  local_part_suffix_optional
  local_part_suffix = -bounces : -bounces+* : 
                      -confirm+* : -join : -leave : 
		      -owner : -request : -admin
  headers_remove = X-Spam-Score:X-Spam-Report
  transport = mailman_transport

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

ditch_maxmsgsize:
  driver = redirect
  allow_fail
  condition = ${if >{$message_size}{${lookup mysql{select users.maxmsgsize from users,domains 
  		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.maxmsgsize > 0 
		and users.domain_id=domains.domain_id }{${value}K}fail}} {yes}{no}}
  data = :fail:nYour message is too big.n 
	 	Your message was rejected because the user $local_part@$domainn 
		does not accept messages larger than 
		${lookup mysql{select users.maxmsgsize from users,domains 
		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.maxmsgsize > 0 
		and users.domain_id=domains.domain_id}{${value}K}fail} Kb.
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_malware:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if and { {match {$h_X-ACL-Warn:}{.*malware.*}} 
                         {eq {${lookup mysql{select users.on_avscan from users,domains 
		                where localpart = '${quote_mysql:$local_part}' 
		                and domain = '${quote_mysql:$domain}'  
		                and users.on_avscan = '1' 
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }

ditch_spam:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if >{$spam_score_int}{${lookup mysql{select users.sa_refuse * 10 from users,domains 
                where localpart = '${quote_mysql:$local_part}' 
                and domain = '${quote_mysql:$domain}' 
        	and users.on_spamassassin = '1' 
                and users.domain_id=domains.domain_id 
		and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_hdrmailer:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains 
  			where blocklists.blockhdr = 'x-mailer' 
			and blocklists.blockval = '${quote_mysql:$h_x-mailer:}' 
			and users.localpart = '${quote_mysql:$local_part}' 
  			and domains.domain = '${quote_mysql:$domain}' 
			and domains.domain_id=blocklists.domain_id 
			and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_hdrto:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains 
  			where blocklists.blockhdr = 'to' 
			and blocklists.blockval = '${quote_mysql:$h_to:}' 
			and users.localpart = '${quote_mysql:$local_part}' 
  			and domains.domain = '${quote_mysql:$domain}' 
			and domains.domain_id=blocklists.domain_id 
			and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_hdrfrom:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains 
  			where blocklists.blockhdr = 'from' 
			and blocklists.blockval = '${quote_mysql:$h_from:}' 
			and users.localpart = '${quote_mysql:$local_part}' 
  			and domains.domain = '${quote_mysql:$domain}' 
			and domains.domain_id=blocklists.domain_id 
			and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

ditch_hdrsubject:
  driver = redirect
  allow_fail
  data = :blackhole:
  condition = ${if eq {${lookup mysql{select count(*) from blocklists,users,domains 
  			where blocklists.blockhdr = 'subject' 
			and blocklists.blockval = '${quote_mysql:$h_subject:}' 
			and users.localpart = '${quote_mysql:$local_part}' 
  			and domains.domain = '${quote_mysql:$domain}' 
			and domains.domain_id=blocklists.domain_id 
			and users.user_id=blocklists.user_id}}}{1} {yes}{no}}
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part

virtual_vacation:
  driver = accept
  condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}} 
                         {eq {${lookup mysql{select users.on_vacation from users,domains 
		                where localpart = '${quote_mysql:$local_part}' 
		                and domain = '${quote_mysql:$domain}'  
		                and users.on_vacation = '1' 
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
  no_verify
  no_expn
  unseen
  transport = virtual_vacation_delivery

virtual_forward:
  driver = redirect
  check_ancestor
  data = ${lookup mysql{select forward from users,domains 
	where localpart='${quote_mysql:$local_part}' 
	and domain='${quote_mysql:$domain}' 
	and users.domain_id=domains.domain_id 
	and on_forward = '1'}}
  # We explicitly make this condition NOT forward mailing list mail!
  condition = ${if and { {!match {$h_precedence:}{(?i)junk|bulk|list}} 
                         {eq {${lookup mysql{select users.on_forward from users,domains 
		                where localpart = '${quote_mysql:$local_part}' 
		                and domain = '${quote_mysql:$domain}'  
		                and users.on_forward = '1' 
		                and users.domain_id=domains.domain_id}}}{1} }} {yes}{no} }
  
virtual_domains:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select smtp from users,domains 
  		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and domains.enabled = '1' 
		and users.enabled = '1' 
		and users.domain_id = domains.domain_id}}
  headers_add = ${if >{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains 
  		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.on_spamassassin = '1' 
		and users.domain_id=domains.domain_id }{$value}fail}} {X-Spam-Flag: YESn}{} }
  headers_remove = ${if or { { <{$spam_score_int}{1} } 
  			     { <{$spam_score_int}{${lookup mysql{select users.sa_tag * 10 from users,domains 
			       where localpart = '${quote_mysql:$local_part}' 
			       and domain = '${quote_mysql:$domain}' 
			       and users.on_spamassassin = 1 
			       and users.domain_id=domains.domain_id}{$value}fail}} } 
			     { eq {0}{${lookup mysql{select users.sa_tag * 10 from users,domains 
			       where localpart = '${quote_mysql:$local_part}' 
			       and domain = '${quote_mysql:$domain}' 
			       and users.on_spamassassin = 0 
			       and users.domain_id=domains.domain_id}{$value}fail}}} 
			   } {X-Spam-Score:X-Spam-Report} }
  local_part_suffix = -*
  local_part_suffix_optional
  retry_use_local_part
  file_transport = virtual_delivery
  reply_transport = address_reply
  pipe_transport = address_pipe
  
virtual_domains_catchall:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select smtp from users,domains where localpart = '*' 
  		and domain = '${quote_mysql:$domain}' 
		and users.domain_id = domains.domain_id}}
  retry_use_local_part
  file_transport = virtual_delivery
  reply_transport = address_reply
  pipe_transport = address_pipe_catchall

virtual_domain_alias:
  driver = redirect
  allow_fail
  data = ${lookup mysql{select concat('${quote_mysql:$local_part}@', domain) 
  		from domains,domainalias where domainalias.alias = '${quote_mysql:$domain}' 
		and domainalias.domain_id = domains.domain_id}}
  retry_use_local_part

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/aliases}}
  user = Debian-exim
  group = Debian-exim
  file_transport = address_file
  pipe_transport = address_pipe

localuser:
  driver = accept
  check_local_user
  transport = local_delivery
  cannot_route_message = Unknown user

begin transports

mailman_transport:
  driver = pipe
  command = MAILMAN_WRAP 
            '${if def:local_part_suffix 
                  {${sg{$local_part_suffix}{-(\w+)(\+.*)?}{$1}}} 
                  {post}}' 
            $local_part
  current_directory = MAILMAN_HOME
  home_directory = MAILMAN_HOME
  user = MAILMAN_USER
  group = MAILMAN_GROUP

remote_smtp:
  driver = smtp

local_delivery:
  driver = appendfile
  file = /var/mail/$local_part
  delivery_date_add
  envelope_to_add
  return_path_add
  group = mail
  user = $local_part
  mode = 0660
  no_mode_fail_narrower

virtual_delivery:
  driver = appendfile
  envelope_to_add
  return_path_add
  mode = 0600
  maildir_format = true
  create_directory = true
  directory = ${lookup mysql{select smtp from users,domains 
		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.domain_id = domains.domain_id}}
  user = ${lookup mysql{select users.uid  from users,domains 
		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains 
		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.domain_id = domains.domain_id}}
  quota = ${lookup mysql{select users.quota from users,domains 
  		where localpart = '${quote_mysql:$local_part}' 
		and domain = '${quote_mysql:$domain}' 
		and users.domain_id = domains.domain_id}{${value}M}}
  quota_is_inclusive = false
  #quota_size_regex = ,S=(d+):
  quota_warn_threshold = 75%
  maildir_use_size_file = false
  quota_warn_message = "To: $local_part@$domainn
  			Subject: Mailbox quota warningnn
			This message was automatically generated by the mail delivery software.nn
			You are now using over 75% of your allocated mail storage quota.nn
			If your mailbox fills completely, further incoming messages will be automaticallyn
			returned to their senders.nn
			Please take note of this and remove unwanted mail from your mailbox.n"

virtual_vacation_delivery:
  driver   = autoreply
  from     = "${local_part}@${domain}"
  to       = ${sender_address}
  subject  = "Autoreply from ${local_part}@${domain}"
  text     = ${lookup mysql{select vacation from users,domains 
		where domain='${quote_mysql:$domain}' 
		and localpart='${quote_mysql:$local_part}' 
		and users.domain_id=domains.domain_id}}

address_pipe:
  driver = pipe
  return_output
  user = ${lookup mysql{select users.uid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains where localpart = '${quote_mysql:$local_part}' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}

address_pipe_catchall:
  driver = pipe
  return_output
  user = ${lookup mysql{select users.uid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}
  group = ${lookup mysql{select users.gid from users,domains where localpart = '*' and domain = '${quote_mysql:$domain}' and users.domain_id = domains.domain_id}}

address_pipe_local:
  driver = pipe
  return_output

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply

begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

begin rewrite

begin authenticators

plain_login:
        driver = plaintext
        public_name = PLAIN
        server_condition = ${lookup mysql{SELECT '1' FROM users 
				WHERE username = '${quote_mysql:$2}' 
				AND clear = '${quote_mysql:$3}'} {yes}{no}}
        server_set_id = $2

fixed_login:
        driver = plaintext
        public_name = LOGIN
        server_prompts = "Username:: : Password::"
        server_condition = ${lookup mysql{SELECT '1' FROM users 
				WHERE username = '${quote_mysql:$1}' 
				AND clear = '${quote_mysql:$2}'} {yes}{no}}                    
        server_set_id = $1

fixed_cram:
        driver = cram_md5
        public_name = CRAM-MD5
        server_secret = ${lookup mysql{SELECT clear FROM users 
				WHERE username = '${quote_mysql:$1}'}{$value}fail}
        server_set_id = $1


Roger Wilco
Administrator
Administrator
Posts: 6001
Joined: 2004-05-23 12:53

Re: X-Spam-Score Beachtung in /etc/aliases

Post by Roger Wilco » 2006-10-22 13:56

Einfach den system_aliases Router etwas abändern, so dass die Kette mit der richtigen Adresse wieder von vorne durchlaufen wird. Bei mir sieht das folgendermaßen aus:

Code: Select all

system_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data = ${lookup{$local_part}lsearch{/etc/mail/aliases}}
  retry_use_local_part
Wenn du die Aliase gar nicht mehr haben willst (schlechte Idee), entferne den Router. Dann musst du root@, postmaster@ usw. aber selbst explizit anlegen.

mk
Posts: 18
Joined: 2005-09-27 10:44

Re: X-Spam-Score Beachtung in /etc/aliases

Post by mk » 2006-10-24 00:45

Roger Wilco wrote:Wenn du die Aliase gar nicht mehr haben willst (schlechte Idee), entferne den Router. Dann musst du root@, postmaster@ usw. aber selbst explizit anlegen.
Nee, die sollen schon sein.
Danke, funktioniert wie eine eins!
Es rutscht zwar noch die eine oder andere >5 gescore'te Mistmail durch, aber das scheint ein anderes Problem zu sein.
Vielen Dank (mal wieder) für die Hilfe.