Re: [Exim] EXIM input and msglog

Top Page
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Leonardo Boselli
CC: exim-users
Subject: Re: [Exim] EXIM input and msglog
Leonardo Boselli wrote:
> I have the same problem, but the queued messages are all non
> delivery messages sent to hosts not on line or even to message
> that got a 550 user unknown.


You mean Bounces?

> I tseemms there is a configuration lione not working ...
> HOW CAN I ( 3.35 ) set exim so:
>    every message that came from <> and is not deliverable due a
>   550 erris is thrown away ?
> It could be Lucio's  case,  and a reply couyld be good for both ...



1a)  to prevent generating too much bounces you should enable sender and
     receiver verification, this will remove MANY frozen messages too,
     sent by spammers
1b) if you have a smaller system and can afford the overhead, think
     about adding a callout-check [*1]
2)  Think about adding RBLs to stop more spam before it hits your server
3a) exim3: look for auto_thaw, timeout_frozen_after,
     ignore_errmsg_errors and ignore_errmsg_errors_after.
3b) exim4: look for auto_thaw, timeout_frozen_after, and
     ignore_bounce_errors_after.



*1
I added a callout check for the usual domains used by spammers, my acl
for this looks like this (exim4).
<acl>
# Verify sender (check for and routable MAIL FROM:)
require message = Unroutable sender address
         verify  = sender
# Do a callout verify for senders from freemailer domains
deny    message = Unroutable sender address
         log_message = Unroutable sender address while callout verify
         condition = ${lookup {$sender_address_domain} cdb \
    {/etc/exim/calloutdomains.cdb}{yes}}
         !verify = sender/callout=20s/callout_defer_ok
</acl>


<database>
#cat /etc/exim/calloutdomains
gmx.de
gmx.net
gmx.at
gmx.com
web.de
nyc.com
firemail.de
lycos.com
gnbinternet.com
aol.com
excite.com
fiberia.com
fuse.net
ureach.com
msn.com
yahoo.com
hotmail.com
email.com
</database>

This works fine for me and doesn't check EVERY sender with a callout,
but requires exim4 to work, as you can't control the domains for
callout-checking in exim3.

ciao