Hi
I have a list of confirmed spammer IP addresses gathered by various exim
filters (spamtrap, etc) that I am using to block further delivery
attempts with. I cron a process that concatenates the inidividual
lists, then sorts and makes unique the resulting list, after which I add
": block" after each entry (e.g. 123.123.123.123: block) and then use
exim_dbbuild to create a dbm copy of that file.
I have the following entry in the system filter to block delivery of any
email from any of those IPs:
if
("${lookup{${lc:$sender_host_address}}dbm{/etc/exim/spamblock.db}{$value}}"
is "block")
then
save /var/log/exim/spamcatcher/result.spool 0644
logfile /var/log/exim/spamcatcher/result.log 0644
logwrite "[$tod_log] ${lc:$sender_address}
($sender_host_name[$sender_host_address]) -> recipients=$recipients
subject=$header_subject"
seen
finish
endif
My question is whether there better way of making sure that the
deliveries from those IPs have the least impact on my mail server. Is
there a way I could send a 500 error at SMTP time rather than accepting
the whole email and then discarding it.
I am have setup an Exim 4 server with exiscan, spamassassin and clamav
that I plan to use in the not-too-distant-future. However, I would still
like to ensure that the existing 3.35 config is as efficient as it could be.
Thanks and regards,
Ryan