[Exim] Exim 3.35 -> blocking IP address

Top Page
Delete this message
Reply to this message
Author: Ryan Tracey
Date:  
To: Exim Mailing List
Subject: [Exim] Exim 3.35 -> blocking IP address
Hi

I have a list of confirmed spammer IP addresses gathered by various exim
filters (spamtrap, etc) that I am using to block further delivery
attempts with. I cron a process that concatenates the inidividual
lists, then sorts and makes unique the resulting list, after which I add
": block" after each entry (e.g. 123.123.123.123: block) and then use
exim_dbbuild to create a dbm copy of that file.

I have the following entry in the system filter to block delivery of any
email from any of those IPs:

if
("${lookup{${lc:$sender_host_address}}dbm{/etc/exim/spamblock.db}{$value}}"
is "block")
then
        save /var/log/exim/spamcatcher/result.spool 0644
        logfile /var/log/exim/spamcatcher/result.log 0644
        logwrite "[$tod_log] ${lc:$sender_address}
($sender_host_name[$sender_host_address]) -> recipients=$recipients
subject=$header_subject"
        seen
finish


endif

My question is whether there better way of making sure that the
deliveries from those IPs have the least impact on my mail server. Is
there a way I could send a 500 error at SMTP time rather than accepting
the whole email and then discarding it.

I am have setup an Exim 4 server with exiscan, spamassassin and clamav
that I plan to use in the not-too-distant-future. However, I would still
like to ensure that the existing 3.35 config is as efficient as it could be.

Thanks and regards,
Ryan