Re: [EXIM] some more details about spam

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Malcolm Ray
Dátum:  
Címzett: Andromeda
CC: exim-users
Tárgy: Re: [EXIM] some more details about spam
> # implement sender blacklisting - Andromeda 11/11/98
>
> sender_reject = "lsearch;/usr/exim/relay/blacklist"
> sender_reject_recipients = "lsearch;/usr/exim/relay/blacklist"


You probably don't want to set both sender_reject and
sender_reject_recipients. The former will cause the mail to be rejected
at the 'MAIL FROM' command with a 550 error, while the latter causes
exim to accept the 'MAIL FROM' but give a 550 when the client sends
the 'RCPT TO'. Setting both won't have the effect I suspect you want.

sender_reject_recipients also gives you the chance to define exceptions
using recipients_reject_except. For example, you might want to allow
those blacklisted to mail postmaster@??? to let you know that
they've cleaned up their act and can be removed from the blacklist...

If you're using sender_reject[_recipients], you might want sender_net_reject
or sender_host_reject also, so that you can block everything from a
particular host or set of hosts. Useful protection against mailbombing,
for example (sender_reject wouldn't help if the bomber sent from '<>',
or used a load of forged addresses).

A couple of points about relay configuration in general:

1. The -bh flag is enormously useful for testing the configuration,
particularly in conjunction with the -C flag, which allows you to test
a new configuration file before inflicting it on your live setup.

2. Beware of addresses which aren't properly reverse-registered in the DNS.
Read the bit in section 41.2 of the manual which refers to PTR records,
and be sure to test your configuration against such addresses. It's easy
to end up rejecting such mail (which is fine if you're allowed to, but
some of us sadly have to live with sites with poor DNS management).

-- 
Malcolm Ray                           University of London Computer Centre




--
*** Exim information can be found at http://www.exim.org/ ***