Re: [Exim] Re: ANTISPAM reply-based unblock-sender-email (ww…

Top Page
Delete this message
Reply to this message
Author: William Thompson
Date:  
To: Clive Goodhead
CC: exim-users
Subject: Re: [Exim] Re: ANTISPAM reply-based unblock-sender-email (www/reply)
> > With exim callouts, HELO checking, and SA-Exim, I get virtually no
> spam, and
> > without annoying people who send me mail.
> >
> > Marc
>
> Would you mind elaborating on the HELO checking that you do.


I can give you an example of the HELO that I use:
acl_check_helo:
    # always accept if this is localhost
    accept  condition = ${if eq{$interface_address}{127.0.0.1}{yes}{no}}


    # Reject HELOs that contain IP addresses unless we are a relay for
    # them.
    drop    !hosts = +relay_from_hosts
        message = ${lookup \
                mysql{select reject_reason \
                  from eximconf.reject_messages \
                  where reject_name='ip_helo'} \
                {${expand:$value}} \
               }
        log_message = HELO is an IP
        condition = ${if match{$sender_helo_name}{\N^\[?\d+\.\d+\.\d+\.\d+\]?$\N}{yes}{no}}



    # Same as above, but check for common HELO names to see if they come
    # from the correct host.
    drop    !hosts = +relay_from_hosts
        message = ${lookup \
                mysql{select reject_reason \
                  from eximconf.reject_messages \
                  where reject_name='host_helo_mismatch'} \
                {${expand:$value}} \
               }
        log_message = HELO mismatch
        condition = ${if \
                or { \
                    {and { \
                        {or { \
                             {eq{$sender_helo_name}{hotmail.com}} \
                             {eq{$sender_helo_name}{msn.com}} \
                            } \
                        } \
                        {!match{$sender_host_name}{(hotmail|msn)\\.com}} \
                         }} \
                    {and { \
                        {eq{$sender_helo_name}{aol.com}} \
                        {!match{$sender_host_name}{(netscape|aol)\\.(net|com)}} \
                         }} \
                    {and { \
                        {eq{$sender_helo_name}{outblaze.com}} \
                        {!match{$sender_host_name}{outblaze\\.com}} \
                         }} \
#                    {and { \
#                        {eq{$sender_helo_name}{}} \
#                        {!match{$sender_host_name}{}} \
#                    }} \
                   } \
                {yes}{no} \
                 }


    accept


NOTE: this won't work with exim 4.14 w/o the patch I wrote for the HELO acl.
Phil has incorporated my patch into the testing release of exim and should be
in exim 4.20.

I'd like to figure out a better way of doing that last set, I just haven't
bothered to attempt to figure it out.