Since the FreeBsd port of Exim includes Exiscan-ACL, why doesn't DA just install Exim with Exiscan-ACL enabled? It sure would make life easier for ClamAV, demime, and actually rejecting high Spam Assassin scores.
My 3rd party Anti-Virus system for DA (look here), will probably use Exiscan-ACL.
Once it's finished I'll make my free DA distribution available to everyone who uses DA, and I'll also make it available for the DA folk to include it in a future version of DA, modifying and/or extending it as they wish.
In the meantime, I'd rather see DA working on the other things that need to be worked on, since this will soon be available from me.
I was doing a server setup today and frankly I don't like the exim.conf that comes with DA.
I appreciate that you're releasing a anti-virus/spam system, but there are also many others available on the Net. Your product is third party as you say, and I don't see why it's being installed by default with DA. Especially when in the exim.conf (which was installed by DA) it says you wrote part of the exim.conf but yet don't have any afilliation with DirectAdmin. It makes no sense.
My main concern whoever is whether your exim.conf configuration is using RBLs to blacklist emails by default..? IMHO, it is a bad idea(TM) to install Exim in such a state that it may reject perfectly valid emails by default. I'd rather accept emails from blacklisted IPs and rely on SpamAssassin or similar to simply tag emails so that my users can decide what they want to happen to them. For example, SA can use RBLs too, and that way my users can set their own SA configuration (through the DA interface, it's already there) and delete those blacklisted emails straight away, but only if they so wish.
Matt, I see that rldev has had the opportunity to responde before I did.
I my defense; it was not my idea for DA to include my exim.conf file. If they hadn't, I could have made money selling it .
I was happy to let them install it, though .
In DAs defense, they had an exim.conf file which was originally designed for Exim 3.x, and which accepted email for all addresses by default, attempting to return those that were undeliverable. That didn't work in today's world where spam makes up over 80% of email traffic, so they asked to use mine when it became available, and I agreed.
In your defense, let me say that we all know from experience that spam makes up at least 80% of the mail on the Internet. If your servers are powerful enough to run SpamAssassin on email from known spamsources, from which better than 99.99% of the email will be spam, then you certainly shouldn't bother to block.
As you say, SpamAssassin (also a third party solution) will give your endusers much more control.
It's been my epxerience that users don't want control; they want less Spam.
By creating an exim.conf file including both SpamBlocker and SpamAssassin, but leaving both turned off, I've allowed everyone to setup exactly what they want.