Re: [Exim] A couple things before I start my Exim migration

Pàgina inicial
Delete this message
Reply to this message
Autor: Tom Wiebe Lists
Data:  
A: exim-users
Assumpte: Re: [Exim] A couple things before I start my Exim migration
Excellent!

I'll dig more into using mysql for this, as I'm not a perlhead in the
slightest. I had suspected that there were multiple ways to do all of
these things. I'm really liking the flexibility of Exim, and the
straightforward syntax for things.

Thanks much for the input. I'm sure I'll have more questions later. :)

Tom

On May 13, 2004, at 4:49 AM, Kelley Reynolds wrote:

> --- Original Message ---
> From: Nigel Metheringham <Nigel.Metheringham@???>
> Sent: Thu, 13 May 2004 09:28:53 +0100
> To: exim-users@???
> Subject: Re: [Exim] A couple things before I start my Exim migration
>
>> [No recipe answers here, but a few pointers]
>>
>> On Thu, 2004-05-13 at 08:08, Tom Wiebe Lists wrote:
>>> SpamTraps - SIMS allows you to designate certain addresses as
>>> spamtrap
>>> addresses and any host sending email to one of these addresses
>>> (which I
>>> disseminate widely) blacklists the sending server for a short time. A
>>> simple yet remarkably effective anti-spam measure. Is there a way to
>>> do
>>> this on Exim. I believe Stalker's CommunigatePro does this as well.
>
>> Not directly. It could, however, definitely be worked round.
>> Spamtrap
>> addresses aliased to a program invocation (probably with the sending
>> host as a parameter to the program). The program (most likely a perl
>> script) would update a dbm file keyed on sending host and having
>> (say) a
>> timestamp as the data. You would also have a regular cron job which
>> walks the dbm file and removes stale entries (thats why you put the
>> timestamp in the data). Use the dbm file as a host blocklist in an
>> acl.
>
> As a more (or less depending on your perspective) encapsulated way of
> doing this, you can have exim directly create SQL entries in an ACL
> which are referenced in an ACL previous to it. For cleaning (very
> important), you have a couple of options. You can use a scripted
> cronjob, you can just include a timeout in your sql query to not
> blacklist hosts that are particularly old (then update instead of
> insert on extant hosts), or you can randomly run a query which will
> clean out stale entries in an ACL every x messages or so. SQL has a
> bit more overhead than dbm, but if you are wanting to do a large
> variety of custom data-tracking and blocking, it may be the way to go
> for simplicity.
>
>>> Blocking Address Harvesters - When an attempt to send email to a
>>> number
>>> of invalid addresses is made, the sending server is temporarily
>>> blacklisted by SIMS. Another simple, and effective anti-spam measure.
>>
>> Probably similar form to the one above. Be very careful, though,
>> about
>> having blanket address acceptance.
>
> Ditto, use rcpt_fail_count (or rcpt_failed_count, I always forget)
>
>>> Throwaway email addresses - I have a router entry in SIMS that will
>>> send any email addressed to user.<whatever>@domain.com to
>>> user@??? on the server. I use this extensively to sign up for
>>> stuff and, if the address gets abused, can route it to error and I've
>>> blocked a bunch more spam. I've tried using an alias for this, to no
>>> avail, thinking this is likely a router? Any pointers in setting this
>>> up would be most helpful.
>
>> Look at local_part_suffix (and local_part_prefix) in routers and
>> transports documentation. These are also available in filters which
>> allows you to do per user designation of these.
>
> Nigel has this one covered as well.
>
> A bit more on SQL... one of the reasons I like it more than dbm files,
> despite the overhead, is the ability to track a wide variety of
> information. For example, it makes it convenient to
>
> 1. Store filtering preferences in it so different people can block
> different attachments.
>
> 2. Multiple SA preferences
>
> 3. Logging delivery success, one can autowhitelist or autoblacklist
> over time (very effective at catching infrequent spamming hosts and
> reducing resource usage)
>
> 4. Auto-whitelist authenticated senders (which I'm assuming you'll
> have)
>
> 5. Quickly create web reports for people based on sql data rather than
> giving your webserver access to the exim directory
>
> aThe rest is limited only by your imagination
>
> Kelley Reynolds
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> Exim details at http://www.exim.org/ ##
>