On Fri, 20 Feb 2004, Avleen Vig wrote:
> What I want to know, is if it's possible for me to scan an incoming
> message (probably in the data ACL?) for an IP address and then apply a
> dnslists acl to it??
Yes. I recently described a DATA ACL snippet which deals with the
situation where our users have a forwarding account elsewhere. The
same idea could be adapted to dealing with a secondary MX.
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20031201/063095.html
The recipe there, adapted appropriately, should be good enough for
your purpose; in fact there are some improvements that can be done for
my "leaky forwarder" situation, which I'll perhaps try to write up and
some point.
However, be aware that most of the spam that you reject at that stage
is going to provoke an undeliverable bounce at your secondary MX - or
worse, "collateral spam" to an innocent third party whose address has
been faked by the spammer as sender - so I would suggest talking to
the admin of the secy MX before implementing such a scheme.
It's much better if the admin of the secondary MX can implement
appropriate antispam measures before accepting the items in the first
place.
