[Exim] Persistent spamers

Author: Dermot Paikkos
Date:  
To: exim-users
Subject: [Exim] Persistent spamers
Hi Eximers,
    Version: Exim 3.16


I am having trouble with a very persistent spammer (crosswinds.net)
that I can't seem to rid myself of. I have tried 2 things:
1) Created a sender_reject_recipients dbm, with the domain and the
domains that it relays through listed.
2) Created a filter file for the user (who is no longer at the
company) and asked to fail everything unless it's an error. However I
am fairly sure that the filter is not being processed as the user is not
in the aliases file. The filter is below.

The problem is that I can only update the dbm after the spam
has got through. So once they find a new relay my old dbm offers
no protections.

Another problem is although the recipient is no longer at this
company, and hence is not in the alias file, mail is still being
received for him.

The only consistent part of the message that I can use against them
is the "received from:" header. I am considering the following
options:
1) Re-create the olduser and add a "if $header_received contains
crosswinds.net then fail" to the filter file below.
2) Re-create the user and remove the "if error_message" trap in
the filter file.
3) Change the per-address filter to a single system-wide filter and
use the $header_received to filter out crosswinds.net. Is it possible
to have both?

If anyone has any other suggestions, would recommend any one of
the 3 options above, or can guide me to some info in the manual
that will prove useful, I'd like to hear from them.
Thanx
Dp.


#Exim filter

if error_message then finish endif
if ${local_part} contains "olduser"
then fail text "Not a valid user and this looks like spam."
endif


~~
Dermot Paikkos * dermot@???
Network Administrator @ Science Photo Library
Phone: 0207 432 1100 * Fax: 0207 286 8668
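
Added example (not part of the original post, and not Exim code): a Python sketch of the Received-header check considered in option 3 above, run over a constructed message. It separates the topmost Received header, which the receiving server writes itself, from the deeper ones written by upstream hosts, and matches the domain on label boundaries; all hostnames, addresses and function names are assumptions.

```python
import email
import re

# Constructed sample: hostnames and addresses are placeholders, newest hop first.
SAMPLE = """\
Received: from relay.example.org (relay.example.org [192.0.2.10])
\tby mail.example.com with smtp; Mon, 1 Jan 2001 10:00:02 +0000
Received: from mx3.crosswinds.net (mx3.crosswinds.net [198.51.100.7])
\tby relay.example.org with esmtp; Mon, 1 Jan 2001 10:00:01 +0000
Received: from dialup (unknown [203.0.113.5])
\tby mx3.crosswinds.net with smtp; Mon, 1 Jan 2001 10:00:00 +0000
From: someone@example.net
To: olduser@example.com
Subject: constructed test message

body
"""


def received_hops(raw):
    """Return the Received headers, newest first, with folding removed."""
    msg = email.message_from_string(raw)
    return [" ".join(h.split()) for h in msg.get_all("Received", [])]


def domain_pattern(domain):
    """Match `domain` or a subdomain of it, but not a longer look-alike name."""
    return re.compile(
        r"(?<![A-Za-z0-9-])" + re.escape(domain) + r"(?![A-Za-z0-9-]|\.[A-Za-z0-9])",
        re.IGNORECASE,
    )


def hops_naming(raw, domain):
    """Indexes (0 = newest) of the Received headers that name `domain`."""
    pat = domain_pattern(domain)
    return [i for i, hop in enumerate(received_hops(raw)) if pat.search(hop)]


def seen_by_own_server(raw, domain):
    """True only if hop 0, the header our own MTA wrote, names `domain`.
    Assumption: `raw` is the message as stored by the receiving server."""
    return 0 in hops_naming(raw, domain)


if __name__ == "__main__":
    print(hops_naming(SAMPLE, "crosswinds.net"), seen_by_own_server(SAMPLE, "crosswinds.net"))
```

On the sample the domain appears only in hops 1 and 2, which upstream hosts wrote, so a check against the connecting host alone would not have matched.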