Environment: Exim Ver 4.05 on RedHat linux Ver 7.2
This may be obvious, but it is possible to do a "verify sender/callout"
for specific domains only. We found that spammers forging return
addresses almost always use one of the big domains like hotmail, aol,
excite, etc., which respond properly to a callout. So I added a deny
command to my RCPT ACL to just do callouts for them and let everything
else pass:
deny sender_domains = +callout_domains
message = We block non-existent senders.
!verify = sender/callout
The callout_domains list is the list of big domains that I want to do
callouts for. This is blocking about 1000 spam messages a day for us,
out of our normal input of about 25,000, so it seems to be pretty effective.
--
Russell D. Wilton E Mail: WILTON@???
Network Services Manager Voice: (403) 329-2525
University of Lethbridge FAX: (403) 382-7108
4401 University Drive Lethbridge, Alberta, CANADA T1K 3M4
