Re: [Exim] Lots of Frozen mails on my server

Top Page
Delete this message
Reply to this message
Author: Suresh Ramasubramanian
Date:  
To: exim-users
Subject: Re: [Exim] Lots of Frozen mails on my server
Sanvir Singh Jham [exim-users] <28/06/01 13:02 +0530>:
> Recently an employee left our organisation and his acccount was closed.
> Apparently he had subscribed to a few mailing lists, which he didn't
> unsubscribe when he left.


This rocke2@??? is a spammer. Just block it in your exim config
(rtfm sender_reject)

> So, apparently this guy doen't wan't to receive the bounced mails. What I
> can do is:
> 2. Stop all mails coming from rocke2@??? altogether.


This is much better.

> sender_reject_recipients = rocke2@???


Try this

# mail only from resolvable domains
sender_verify
sender_verify_reject = true
# dont verify anything from our own networks
sender_verify_hosts = !localhost:!rocklines.example.com:0.0.0.0/0
sender_reject = @@partial-lsearch*;/usr/exim322/blocked.senders
# this last line may wrap - careful
prohibition_message = "${lookup{$prohibition_reason}lsearch {/usr/exim322/reject.messages}{${expand:$value}}}"

And then ...

/usr/exim322/blocked.senders (or whatever) is of the format [first few lines
here ... the whole thing comes to over 150 lines]

# block rocke2@???
norman.bay9.com        rocke2
# block all rubbish from cypo.com
cypo.com        *
# block jay@???
newtechcorp.com        jay
# admin__@any-domain is a virus mail
*            admin__ 
# several spammers using vsnl accounts
vsnl.com    linux:gtcdrom:samtec:lunkar:extractsoft:extractsoft1:pauldiamonds:linit
# single user at vsnl bangalore
blr.vsnl.net.in        gtintblr


etc etc.

reject.messages is (this may - rather _will_ wrap)

sender_reject:        Get Lost - No Spammers Allowed Here|Contact postmaster\@example\.com


host_accept_relay:    Host $sender_fullhost not allowed to relay|through $primary_hostname|Contact postmaster\@example\.com


rbl_reject: Host $sender_fullhost is not permitted to send mail to or |\
    through $primary_hostname. |\
    ${if eq {$rbl_domain}{relays.mail-abuse.org} {You have an open SMTP relay\
    which has been used to send spam|See:\
    <URL:http://mail-abuse.org/cgi-bin/nph-rss?query=$sender_host_address>|\
    for details.|}}
    ${if eq {$rbl_domain}{blackholes.mail-abuse.org} {$rbl_text|}}
    ${if eq {$rbl_domain}{dialups.mail-abuse.org} {Dialup connections are not\
    permitted to directly use this mail server.|Please use your ISP's mail\
    server instead.\
    For details $rbl_text|}}
    Please contact postmaster@??? with any questions.


If you use rbl_reject you had better have this in exim's configure file

rbl_domains = blackholes.mail-abuse.org:dialups.mail-abuse.org:relays.mail-abuse.org
rbl_hosts = 0.0.0.0/0
rbl_log_headers         
rbl_log_rcpt_count
recipients_reject_except = postmaster@???:abuse@???


    -suresh


ps - change example.com to whatever your domain is.

--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin