Rev 6 | Rev 67 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
********************************* SHOULD YOU USE THIS PACKAGE? *********************************Since version 4.50, Exim has the content-scanning extension formerlyknown as "exiscan" built-in. It has a number of advantages anddisadvantages compared to SA-Exim.Advantages of built-in content-scanning interface:* One less configuration file to edit.* Spam control policy integrates better with Exim's ACL system.* It's possible to tell SA which user to scan for (the -u parameter ofspamc). SA-Exim can't do that (yet).* Finer control over the mail header is possible, but not in a cleanway (it involves putting all header fields you might possibly wantto add in the report template, and using rather complicatedexpansion expressions to extract the wanted ones from$spam_report). At any rate, you can choose a prefix different from"X-Spam-".Advantages of SA-Exim:* It is possible to use the report_safe feature, which turns maildeemed to be spam into a message/rfc822 attachment of a reportmessage. (Note however that if you do, then any X-SA-* fields addedto help the greylisting module can't be removed.)* All the add_header and rewrite_header options in/etc/spamassassin/local.cf will be obeyed. In other words,everything will be *almost* as if you filtered the mail throughspamassassin on the command line.* So-called teergrubing ("tarpitting") is possible in a way thatisn't possible with exiscan (I'm not in any way saying that itworks as a counterattack against spammers).* You can simply add the sa-exim package to a standard exim4installation and it should, in principle, instantly work (exceptyou have to uncomment one line in sa-exim.conf).Both alternatives enable you to defer, greylist, reject, and blackholemail, optionally saving copies, at configurable score levels.****************** CONFIGURATION ******************This version of the sa-exim package defaults to placing a configurationsniplet in /etc/exim4/conf.d/. Depending on what you have answered to theDebConf questions while configuring Exim4, the module will be loadedautomatically, or human intervention is required.To find out what configuration file Exim4 is using, issue:$ exim4 -bV | tail -1Configuration file is /path/to/configfileIf /path/to/configfile shows:- /etc/exim4/exim4.confYou are using the hand-crafted configuration file.See the 'HAND-CRAFTED' section below.- /var/lib/exim4/config.autogeneratedYou are using the debianized configuration scheme - with either'split' or 'unsplit' configuration file.See the 'DEBIANIZED' section below.HAND-CRAFTED------------Use 'grep "local_scan_path" /etc/exim4/exim4.conf" to see if the sa-eximline is included in the configuration. If grep returns something, checkif it matches the following line. If grep returns nothing, you have tomanually add the following line to the exim4.conf file and restart exim4.local_scan_path = /usr/lib/exim4/local_scan/sa-exim.soChange or add the line above and manually restart exim4 by issuing'invoke-rc.d exim4 reload' or '/etc/init.d/exim4 reload' as root.DEBIANIZED----------Use 'grep "local_scan_path" /var/lib/exim4/config.autogenerated' tosee if the sa-exim line is included in the configuration. If grepreturns something, you're set and already using the sa-exim module. Ifgrep returns nothing, we need to figure out a few things:Issue:$ grep "use_split_config" /etc/exim4/update-exim4.conf.confdc_use_split_config='true'If your result shows 'false' where mine shows 'true', then you'reusing the unsplit configuration, generated from/etc/exim4/exim4.conf.template. If you haven't customized that fileyou could edit /etc/exim4/update-exim4.conf.conf by hand, change the'false' to 'true' and issue 'update-exim4.conf' as root. Then, checkagain if the sa-exim module line is included. It should. If it stillisn't: mail me. If it is, restart exim4 by issuing 'invoke-rc.d exim4restart' or '/etc/init.d/exim4 restart' as root. If you *have*customized /etc/exim4/exim4.conf.template, then you'd better stickwith the unsplit configuration scheme and add the local_scan_pathsetting by hand, like with the hand-crafted configuration file.Next, read all about greylisting and sa-exim:**************** GREYLISTING ****************Notes on greylisting with sa-exim.If you use SpamAssassin 3.0 or better, you do not need to patch it, youcan just use the Greylisting module shipped with sa-exim.The only thing you need to do to enable it, is to copy the 4 lines belowloadplugin in the greylisting README, and adjust the score if you wish (seeREADME.Greylisting for details).************************************ PROBLEMS WITH BAYES AUTO-EXPIRY ************************************When scanning mail during the SMTP dialogue there is somewhat limitedtime before the remote host gives up, even if they should wait for atleast ten minutes. To avoid Exim returning a temporary error status,or the remote host giving up prematurely and in some cases for good,SA-Exim overrides Exim's timeout handler and accepts the message ifSpamAssassin takes too long, by default 240 seconds.Using SpamAssassin's Bayesian learning module means that it willautomatically expire old tokens when its database has grown too large.That can take several minutes. If it takes too long, SA-Exim willabort it, meaning that SpamAssassin will run auto-expiry again nexttime, and be aborted, and so on...If this happens, you have a few remedies:1) Set SAtimeout to a higher value in /etc/exim4/sa-exim.conf.2) Run sa-learn --force-expire periodically. How you run it depends onhow you've configured SpamAssassin. Running it as Debian-exim maybe sufficient.2 a) In addition, you can addbayes_auto_expire 0to /etc/spamassassin/local.cf. This may not be a good idea ifSpamAssassin, for whatever reason, is also used as a moretraditional filter from e.g. .procmailrc, as all users will need torun sa-learn --force-expire then.2 b) If you get a lot of mail, consider addingbayes_learn_to_journal 1to local.cf. See the Mail::SpamAssassin::Conf(3) manual page formore information.*********************************** NOTICE ABOUT SPAMC CONFIG FILE ***********************************Recent versions of spamc can read command-line parameters and switchesfrom a configuration file called /etc/spamassassin/spamc.conf. If thatfile specifies conflicting options, it will prevent SA-Exim fromworking. For now, you'll have to make sure that it doesn't.-- Magnus Holmgren <holmgren@debian.org>, Tue, 24 Jun 2008 14:27:59 +0200