I'm use a solution, and block 99% of spams and virus before exim_scan:
...
#Prevent "DEFER" messages in dnsdb (I' try other solutions, but this is only run
correctly)
dns_again_means_nonexist = !+local_domains : !+relay_to_domains
...
acl_check_helo:
accept hosts = +relay_from_hosts
drop log_message = "DENY - Helo - $sender_helo_name open proxy detected"
message = Open Proxy in HELO/EHLO (HELO was $sender_helo_name)
condition = ${if
eq{${sender_helo_name}}{${sender_host_address}}{no}{yes}}
condition = ${if isip {$sender_helo_name}{true}{false}}
drop log_message = "DENY - Helo - $sender_helo_name forged heloname
detected"
message = No you are not ME or OURS (HELO was $sender_helo_name)
condition = ${if match {${lookup
dnsdb{a=$sender_helo_name}{$value}{}}} \
{$interface_address} \
{true}{false}}
...
acl_check_data:
...
deny log_message = "DENY: Header - Message-ID or X-Mailer not found"
message = RFC2822 says you SHOULD have a Message-ID or
X-Mailer\n\
Most messages without it are spam, so your mail has
been rejected
hosts = !+relay_from_hosts
!senders = :
!authenticated = *
condition = ${if and {{!def:h_Message-ID:}{!def:h_X-Mailer:}} {1}}
deny log_message = "DENY - Header - Message-ID $h_Message-ID forged
detected"
message = No you are not ME or OURS (Message-ID was
${domain:$h_Message-ID:})
hosts = !+relay_from_hosts
condition = ${if match {${lookup
dnsdb{a=${domain:$h_Message-ID:}}{$value}{}}} \
{$interface_address} \
{true}{false}}
...
Cordialmente, Silmar A. Marca
GrupoGSN - Desenvolvimento, Implantação e Verificação de Servidores
Profissionais baseados em Linux/Novell
http://www.grupogsn.com.br/~marca/
------------------------------------------------------------
Se algo não lhe faz mal (fisico, moral ou psicologicamente),
experimente! O máximo e você perder tempo! E tempo, e
o que você tem a vida toda pra perder.....
Mais vale um instante de prazer que uma eternidade fútil!
------------------------------------------------------------
