Sanvir Singh Jham [exim-users] <28/06/01 13:02 +0530>:
> Recently an employee left our organisation and his acccount was closed.
> Apparently he had subscribed to a few mailing lists, which he didn't
> unsubscribe when he left.
This rocke2@??? is a spammer. Just block it in your exim config
(rtfm sender_reject)
> So, apparently this guy doen't wan't to receive the bounced mails. What I
> can do is:
> 2. Stop all mails coming from rocke2@??? altogether.
This is much better.
> sender_reject_recipients = rocke2@???
Try this
# mail only from resolvable domains
sender_verify
sender_verify_reject = true
# dont verify anything from our own networks
sender_verify_hosts = !localhost:!rocklines.example.com:0.0.0.0/0
sender_reject = @@partial-lsearch*;/usr/exim322/blocked.senders
# this last line may wrap - careful
prohibition_message = "${lookup{$prohibition_reason}lsearch {/usr/exim322/reject.messages}{${expand:$value}}}"
And then ...
/usr/exim322/blocked.senders (or whatever) is of the format [first few lines
here ... the whole thing comes to over 150 lines]
# block rocke2@???
norman.bay9.com rocke2
# block all rubbish from cypo.com
cypo.com *
# block jay@???
newtechcorp.com jay
# admin__@any-domain is a virus mail
* admin__
# several spammers using vsnl accounts
vsnl.com linux:gtcdrom:samtec:lunkar:extractsoft:extractsoft1:pauldiamonds:linit
# single user at vsnl bangalore
blr.vsnl.net.in gtintblr
etc etc.
reject.messages is (this may - rather _will_ wrap)
sender_reject: Get Lost - No Spammers Allowed Here|Contact postmaster\@example\.com
host_accept_relay: Host $sender_fullhost not allowed to relay|through $primary_hostname|Contact postmaster\@example\.com
rbl_reject: Host $sender_fullhost is not permitted to send mail to or |\
through $primary_hostname. |\
${if eq {$rbl_domain}{relays.mail-abuse.org} {You have an open SMTP relay\
which has been used to send spam|See:\
<URL:http://mail-abuse.org/cgi-bin/nph-rss?query=$sender_host_address>|\
for details.|}}
${if eq {$rbl_domain}{blackholes.mail-abuse.org} {$rbl_text|}}
${if eq {$rbl_domain}{dialups.mail-abuse.org} {Dialup connections are not\
permitted to directly use this mail server.|Please use your ISP's mail\
server instead.\
For details $rbl_text|}}
Please contact postmaster@??? with any questions.
If you use rbl_reject you had better have this in exim's configure file
rbl_domains = blackholes.mail-abuse.org:dialups.mail-abuse.org:relays.mail-abuse.org
rbl_hosts = 0.0.0.0/0
rbl_log_headers
rbl_log_rcpt_count
recipients_reject_except = postmaster@???:abuse@???
-suresh
ps - change example.com to whatever your domain is.
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
