From 74e0617f5ad5aa05f6e19f7b7cf6ecfe039749f6 Mon Sep 17 00:00:00 2001 From: Philip Hazel Date: Tue, 29 Mar 2005 09:49:49 +0000 Subject: [PATCH] Add examples of virus and spam scanning to the default configuration. --- doc/doc-txt/ChangeLog | 7 ++++- src/src/configure.default | 60 +++++++++++++++++++++++++++++++++++---- 2 files changed, 61 insertions(+), 6 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index a732ae6ef..ed449756f 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -1,4 +1,4 @@ -$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.99 2005/03/22 16:52:06 ph10 Exp $ +$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.100 2005/03/29 09:49:49 ph10 Exp $ Change log file for Exim from version 4.21 ------------------------------------------- @@ -77,6 +77,11 @@ PH/13 If "headers_add" in a transport didn't end in a newline, Exim printed TF/01 Added $received_time. +PH/14 Modified the default configuration to add an acl_smtp_data ACL, with + commented out examples of how to interface to a virus scanner and to + SpamAssassin. Also added commented examples of av_scanner and + spamd_address settings. + A note about Exim versions 4.44 and 4.50 ---------------------------------------- diff --git a/src/src/configure.default b/src/src/configure.default index 6a29ec50d..5671746d6 100644 --- a/src/src/configure.default +++ b/src/src/configure.default @@ -1,4 +1,4 @@ -# $Cambridge: exim/src/src/configure.default,v 1.1 2004/10/07 10:39:01 ph10 Exp $ +# $Cambridge: exim/src/src/configure.default,v 1.2 2005/03/29 09:49:49 ph10 Exp $ ###################################################################### # Runtime configuration file for Exim # @@ -100,15 +100,34 @@ hostlist relay_from_hosts = 127.0.0.1 # SMTP mail by using the loopback address. A number of MUAs use this method of # sending mail. - # All three of these lists may contain many different kinds of item, including # wildcarded names, regular expressions, and file lookups. See the reference -# manual for details. The lists above are used in the access control list for -# incoming messages. The name of this ACL is defined here: +# manual for details. The lists above are used in the access control lists for +# checking incoming messages. The names of these ACLs are defined here: acl_smtp_rcpt = acl_check_rcpt +acl_smtp_data = acl_check_data + +# You should not change those settings until you understand how ACLs work. + + +# If you are running a version of Exim that was compiled with the content- +# scanning extension, you can cause incoming messages to be automatically +# scanned for viruses. You have to modify the configuration in two places to +# set this up. The first of them is here, where you define the interface to +# your scanner. This example is typical for ClamAV; see the manual for details +# of what to set for other virus scanners. The second modification is in the +# acl_check_data access control list (see below). -# You should not change that setting until you understand how ACLs work. +# av_scanner = clamd:/tmp/clamd + + +# For spam scanning, there is a similar option that defines the interface to +# SpamAssassin. You do not need to set this if you are using the default, which +# is shown in this commented example. As for virus scanning, you must also +# modify the acl_check_data access control list to enable spam scanning. + +# spamd_address = 127.0.0.1 783 # Specify the domain you want to be added to all unqualified addresses @@ -344,6 +363,37 @@ acl_check_rcpt: deny message = relay not permitted +# This ACL is used after the contents of a message have been received. This +# is the ACL in which you can test a message's headers or body, and in +# particular, this is where you can invoke external virus or spam scanners. +# Some suggested ways of configuring these tests are shown below, commented +# out. Without any tests, this ACL accepts all messages. If you want to use +# such tests, you must ensure that Exim is compiled with the content-scanning +# extension (WITH_CONTENT_SCAN=yes in Local/Makefile). + +acl_check_data: + + # Deny if the message contains a virus. Before enabling this check, you + # must install a virus scanner and set the av_scanner option above. + # + # deny malware = * + # message = This message contains a virus ($malware_name). + + # Add headers to a message if it is judged to be spam. Before enabling this, + # you must install SpamAssassin. You may also need to set the spamd_address + # option above. + # + # warn spam = nobody + # message = X-Spam_score: $spam_score\n\ + # X-Spam_score_int: $spam_score_int\n\ + # X-Spam_bar: $spam_bar\n\ + # X-Spam_report: $spam_report + + # Accept the message. + + accept + + ###################################################################### # ROUTERS CONFIGURATION # -- 2.30.2