Re: [Exim] collecting a list of rejected hosts (anti-spam me…

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Alexey Promokhov
CC: Exim users list
Subject: Re: [Exim] collecting a list of rejected hosts (anti-spam measures)
On Fri, 2 May 2003, Alexey Promokhov wrote:

> I want to use the proxycheck program
> (http://www.corpit.ru/mjt/proxycheck.html) against every rejected host to
> test for presence of open relay/proxy, and submit positive results to
> dsbl.org. So I need to spawn external program each time when RCPT TO: has
> been rejected by ACL. Or at least to write rejected IPs to file.
>
> Is there any way to do it


The 'condition' $run{...} in an ACL can happily run an external
program: I use it to invoke a perl script which updates a blacklist
file automatically:

  deny ...
         condition = ${run{/etc/exim/antijohn.pl $sender_host_address }{1}{0}}
       ...


(where 'antijohn.pl' is the script[1] which appends to the relevant
blacklist file)

You'll want to take extra care to make sure the script doesn't causes
errors, otherwise you're likely to cause exim to return a 4xx response
and the attacker is liable to retry over and over, until you finally
notice the errors in the log. ("Been there, done that...").

All the best

[1] Just why it's named that way is hardly relevant here...