Docs: usability of malware ACL condition

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index e4dfb98f9cd133291edb2f00e3ba83af64dc3c09..51c4e01604a848de57ad9fd1d5563fa288a461b0 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -30892,7 +30892,9 @@ the next &%local_parts%& test.
 .cindex "&ACL;" "virus scanning"
 .cindex "&ACL;" "scanning for viruses"
 This condition is available only when Exim is compiled with the
 .cindex "&ACL;" "virus scanning"
 .cindex "&ACL;" "scanning for viruses"
 This condition is available only when Exim is compiled with the

-content-scanning extension. It causes the incoming message to be scanned for
+content-scanning extension
+and only after a DATA command.
+It causes the incoming message to be scanned for

 viruses. For details, see chapter &<<CHAPexiscan>>&.
 
 .vitem &*mime_regex&~=&~*&<&'list&~of&~regular&~expressions'&>
 viruses. For details, see chapter &<<CHAPexiscan>>&.
 
 .vitem &*mime_regex&~=&~*&<&'list&~of&~regular&~expressions'&>


@@ -32680,6 +32682,15 @@ It supports a &"generic"& interface to scanners called via the shell, and
 specialized interfaces for &"daemon"& type virus scanners, which are resident
 in memory and thus are much faster.
 
 specialized interfaces for &"daemon"& type virus scanners, which are resident
 in memory and thus are much faster.
 

+.new
+Since message data needs to have arrived,
+the condition may be only called in ACL defined by
+&%acl_smtp_data%&,
+&%acl_smtp_data_prdr%&,
+&%acl_smtp_mime%& or
+&%acl_smtp_dkim%&
+.wen
+

 A timeout of 2 minutes is applied to a scanner call (by default);
 if it expires then a defer action is taken.
 
 A timeout of 2 minutes is applied to a scanner call (by default);
 if it expires then a defer action is taken.