Re: [Exim] Checking DNSBL's based on Received: headers

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [Exim] Checking DNSBL's based on Received: headers
On Fri, 20 Feb 2004, Avleen Vig wrote:

> What I want to know, is if it's possible for me to scan an incoming
> message (probably in the data ACL?) for an IP address and then apply a
> dnslists acl to it??


Yes. I recently described a DATA ACL snippet which deals with the
situation where our users have a forwarding account elsewhere. The
same idea could be adapted to dealing with a secondary MX.

http://www.exim.org/pipermail/exim-users/Week-of-Mon-20031201/063095.html

The recipe there, adapted appropriately, should be good enough for
your purpose; in fact there are some improvements that can be done for
my "leaky forwarder" situation, which I'll perhaps try to write up and
some point.

However, be aware that most of the spam that you reject at that stage
is going to provoke an undeliverable bounce at your secondary MX - or
worse, "collateral spam" to an innocent third party whose address has
been faked by the spammer as sender - so I would suggest talking to
the admin of the secy MX before implementing such a scheme.

It's much better if the admin of the secondary MX can implement
appropriate antispam measures before accepting the items in the first
place.