Hello again,

I've been able to bend exim to my will (slightly.. for the time being) :)
And I'm wondering if I have too much or too little going on here.
Obviously I'm looking to reject things as quickly as possible with as
few resources used as possible.
Below is my acl_check_rcpt, which I'm looking for criticism on.
begin acl

acl_check_rcpt:

  # empty host list: only matches mail that did not arrive over SMTP from a host
  accept  hosts         = :

  # HELO names known to be forged, kept in a local cdb file
  drop    message       = Forged HELO/EHLO: $sender_helo_name
          hosts         = !+relay_from_hosts
          condition     = ${lookup {$sender_helo_name} \
                            cdb{/usr/local/etc/exim/forged_helos.cdb} {yes}{no}}

  deny    domains       = !+relay_to_domains

  deny   !verify        = sender

  deny    domains       = +relay_to_domains
          local_parts   = ^[.] : ^.*[?*#\$^&()~"'@%!/|]
          message       = strange characters in address.

  deny    domains       = +relay_to_domains
          local_parts   = ^[./|] : ^.*[?*#\$%&()~"'@%!] : ^.*/\\.\\./
          message       = strange characters in address.

  accept  local_parts   = postmaster : abuse
          domains       = +relay_to_domains

  # valid recipients are kept in a local cdb file
  require recipients    = cdb*@;/usr/local/etc/exim/recipients.cdb
          # even with message = blah here it just returns 550 Administrative
          # default message..

  #########
  # DNSBL #
  #########
  drop    message       = ** Attention ** \nThis message has been rejected!\n\nOn \
                          $tod_full\n\tYour message to $local_part@$domain from \
                          $sender_address\nhas permanently failed.\n\nThe reason is: \
                          $sender_host_address is listed on a dns block list.\n\nThe query \
                          returned this information:\n$dnslist_text\nVisit this link for more \
                          information.\n\nThis is a permanent failure, $local_part@$domain did not \
                          receive your message nor will they until this problem is corrected.\n\n
  # shorter alternative to the message above:
  #deny   message       = rejected - $sender_host_address is listed at $dnslist_domain\n$dnslist_text
          log_message   = found in $dnslist_domain
          dnslists      = bl.dnsbl.bsdwebsolutions.com : bl.spamcop.net : \
                          combined.njabl.org

  # put Header in telling of presence in SPEWS
  warn    message       = X-Warning: $sender_host_address is in SPEWS
          log_message   = found in spews
          dnslists      = spews.dnsbl.bsdwebsolutions.com

  # put Header in telling of presence of rfc-ignorant
  # ($sender_host_domains is not an Exim variable; these lists are keyed on the
  # sender's domain, so $sender_address_domain is used in the header as well.
  # dnslists is a colon-separated list, so the items need " : " between them;
  # a bare backslash continuation would join them into one item.)
  warn    message       = X-Warning: $sender_address_domain is in $dnslist_domain - \
                          [$dnslist_text]
          log_message   = found in rfc-ignorant
          dnslists      = dsn.rfc-ignorant.org/$sender_address_domain : \
                          postmaster.rfc-ignorant.org/$sender_address_domain : \
                          abuse.rfc-ignorant.org/$sender_address_domain : \
                          whois.rfc-ignorant.org/$sender_address_domain

  # put Header in telling of the lack of PTR
  warn    message       = X-Broken-Reverse-DNS: $sender_host_address
         !verify        = reverse_host_lookup
          log_message   = no PTR

  # put in Date header if none is detected
  warn    condition     = ${if !def:h_Date: {1}}
          message       = Date: $tod_full

  # not sure if the next section is needed.. {
  # without this relay_to_domains emails are not
  # accepted.. not sure why..
  # would think it's accepted by this point..
  accept  domains       = +relay_to_domains
          endpass
          verify        = sender
  # }

  deny    message       = relay not permitted

# EOF
Again, I appreciate and look forward to comments.
- Brian
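An ordering check for ACLs like the one above, added here as an example (not part of Brian's post and not an Exim tool): it parses the ACL body and flags blocking statements whose conditions are all cheap (list and cdb matches) but which sit after a costlier statement (verify = sender, dnslists), which is the "reject cheaply first" question the post raises. The cost ranking is an assumption and the sample ACL is a constructed, condensed version of the one posted.

```python
# Rough cost ranking for ACL conditions (an assumption made for this check, not
# Exim's own figures): local list/cdb matches < expansion < verify < dnslists.
COST = {"hosts": 1, "domains": 1, "local_parts": 1, "recipients": 1,
        "condition": 2, "verify": 3, "dnslists": 4}
BLOCKING = {"deny", "drop", "require"}
VERBS = BLOCKING | {"accept", "warn", "defer", "discard"}

def parse_acl(text):
    """Split an ACL body into (verb, {option: value}) statements."""
    logical, stmts = [], []
    for line in (l.strip() for l in text.splitlines()):
        if not line or line.startswith("#"):
            continue
        if logical and logical[-1].endswith("\\"):   # join continuation line
            logical[-1] = logical[-1][:-1].rstrip() + " " + line
        else:
            logical.append(line)
    for line in logical:
        verb, _, rest = line.partition(" ")
        if verb in VERBS:                 # first line of a new statement
            stmts.append((verb, {}))
            line = rest.strip()
        if stmts and line:                # 'option = value' or bare 'endpass'
            name, _, value = line.partition("=")
            stmts[-1][1][name.strip().lstrip("!")] = value.strip()
    return stmts

def cost(options):
    return max((COST.get(o, 0) for o in options), default=0)

def ordering_warnings(stmts):
    """Return (cheap_idx, costly_idx) pairs: a cheap blocking statement after a costlier one."""
    out = []
    for j, (verb, opts) in enumerate(stmts):
        c = cost(opts)
        if verb in BLOCKING and c:
            i = max(range(j), key=lambda k: cost(stmts[k][1]), default=None)
            if i is not None and cost(stmts[i][1]) > c:
                out.append((j, i))
    return out

# Constructed sample, condensed from the ACL in the post (paths shortened).
SAMPLE_ACL = r"""drop   hosts = !+relay_from_hosts
       condition = ${lookup {$sender_helo_name} cdb{/etc/forged.cdb}{yes}{no}}
deny   !verify = sender
deny   domains = +relay_to_domains
       local_parts = ^[.] : ^.*[?*#\$^&()~"'@%!/|]
require recipients = cdb*@;/etc/recipients.cdb
drop   dnslists = bl.spamcop.net : \
                  combined.njabl.org"""
```

On the sample, the two "strange characters" and recipient checks are reported as cheaper than the sender verification placed before them.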