Re: [Exim] Filter Question

Top Page
Delete this message
Reply to this message
Author: Giuliano Gavazzi
Date:  
To: Jan H. van Gils, exim-users
Subject: Re: [Exim] Filter Question
At 20:58 +0100 2002/12/12, Jan H. van Gils wrote:
>    Hi,

>
>Thanks for reading.
>
>The spammers are using my own email address in the from field !
>
>Is there a way to create a filter that looks at the from field and then
>blocks
>The message ?, But because I would like to stil be able to send from my
>own
>Network there has to be another if that enables to option for domain
>that are
>In exim.conf , local_domains =
>
>For example :
>
>If $header_from: contains "@$local_domains and not $host_accept_relay
>    then
>    seen finish
>Endif

>
>This only doesn't work !
>
>Are there any other options ?


I think you are better off with a rcpt acl.
First of all accept if authenticated:

accept authenticated = *

and then reject if the sender domain is your domain:

deny    message         = MESSAGE REJECTED BECAUSE FORGED \
                OR NOT AUTHENTICATED SENDER.
         condition       = ${if
eq{$sender_address_domain}{your.domain}{yes}{no}}


please note that I have not double checked the syntax (or if you can
split the message as I did for this email).

Of course you have to enable authentication (and SSL/TLS if you don't
want clear text passwords flying around), but this is essential
anyway when roaming.

I love rcpt acl, I have two deny, in a separate file, one of 5 and
the other of 17 lines (because I like to have them in a readable
format) that currently are chewing away 99% of my spam. The same
deny file is used to define a new acl, which is used as a condition
to a warn, so that I can also tag mail for postmaster.
Did I say that I love acls?

Can we have escape characters in log messages please? I'd like to see
esc[31m (red) for each stupid spam squashed. I am joking.

Giuliano
--
H U M P H
    || |||
  software


Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/