Re: [Exim] Checking DNSBL's based on Received: headers

Inizio della pagina
Delete this message
Reply to this message
Autore: James P. Roberts
Data:  
To: Avleen Vig, exim-users
Oggetto: Re: [Exim] Checking DNSBL's based on Received: headers
----- Original Message -----
From: "Avleen Vig" <lists-exim@???>


> A common problem people using secondary MX servers, is that they are
> sometimes out of the control of the owner of the primary MX.
>
> We know spammers frequently send directly to the secondart MX to bypass
> ACL checks on the primary in a number of ways.
>
> What I want to know, is if it's possible for me to scan an incoming
> message (probably in the data ACL?) for an IP address and then apply a
> dnslists acl to it??
>


Yes, it can be done, I am doing it. The catch is, you can't do the reject at
SMTP time. It has to be done in the DATA ACL. As a result, when I run the
check, I add an X header to the mail, then divert it to a holding pen account.
(No bounces! Otherwise, the secondary would be overwhelmed and probably stop
providing the free service.) No complaints so far, but I haven't got that
many users.

I can share my recipe with the list if people want.

Jim Roberts
Punster Productions, Inc.