At 12:37 am +0000 30/1/04, Jez Hancock wrote:
>
> > Now the * on the end of lsearch* means that if the domain name can't
>> be found, it will look for a domain name of '*' in the 1st column and
>> then try to match the local_part with the list in the 2nd column. I
>> use this to match typical local_parts that spam tends to use although
>> it's less effective now than it used to be.
>
>What exactly does your lsearch blacklist rule look like here?
>Presumably you use it in the RCPT ACL?
Yes.
It looks like this (3 lines might wrap in your mailer):
deny message = Message rejected because $sender_host_address is
blocked locally.
log_message = Message rejected from $sender_host_address by
sender_reject_bydomain
senders = @@lsearch*;/etc/mail/exim/sender_reject_bydomain
I have it before my RBL checks.
If I remember right, Phil helped me with this setup originally years
ago.. credit where credit due.
Perhaps I ought to add that the RBLs and SA tend to catch roughly 95%
of my incoming spam. Then exiscan (mime filtering), DCC and the above
usually catch the rest.
Glenn
--
Dr. Glenn Carver, Centre for Atmospheric Science, Univ. of Cambridge,
Chemistry Dept., Lensfield Road, Cambridge, CB2 1EW, UK.
mailto:Glenn.Carver@atm.ch.cam.ac.uk http://www.atm.ch.cam.ac.uk/~glenn/
Phone: +44 (1223) 763827
Fax: +44 (1223) 763823