Re: [Exim] acl to reject clients

Top Page
Delete this message
Reply to this message
Author: Odhiambo G. Washington
Date:  
To: exim-users
Subject: Re: [Exim] acl to reject clients
* Jethro R Binks <jethro.binks@???> [20040609 11:53]: wrote:
> On Wed, 9 Jun 2004, TN wrote:
>
> > I have been asked by a firm for whom I installed exim for to block
> > certain email clients from being used when sending email. They want this
> > for license compliance to force their staff to stop using clients for
> > which they don't own licenses (ie. outlook, lotus notes etc). I
> > suggested that they just enforce it, but staff tend to install whatever
> > they feel like without the management's knowledge (they don't have an
> > admin, I'm it and only ask me to do work irregularly, so I have no
> > control either)
> >
> > Is this possible, and how is this done ? I presume its possible by
> > inspecting the User-Agent but I don't think outlook express sends this,
> > and I imagine they would still like their staff to use OE.
>
> Clients don't send any sort of identifying string, although perhaps other
> characteristics or tricks may be employed to divine some of them, it's not
> worth it.


Hi Jethro,


Hi Jethro,

I beg to disagree with your view above. I block quite some spam based on
the header X-Mailer: and for your benefit (and for the benefit of those
who'd like to critique) here is the filter:


# Check for some Mailers commonly used by spammers
# WOLRULE 13

if $header_X-Mailer: contains "Advanced Mass Sender" or
   $header_X-Mailer: contains "Mail Bomber" or
   $header_X-Mailer: contains "Gammadyne Mailer" or
   $header_X-Mailer: contains "eGroups Message Poster" or
   $header_X-Mailer: contains "NetMasters SMTP" or
   $header_X-Mailer: contains "Mail Sender" or
   $header_X-Mailer: contains "PersMail" or
   $header_X-Mailer: contains "GMail2 " or
   $header_X-Mailer: contains "Dynamic Opt-In Emailer" or
   $header_X-Mailer: contains "CyberCreek" or
   $header_X-Mailer: contains "IntelliMerge" or
   $header_X-Mailer: contains "MultiMailer" or
   $header_X-Mailer: contains "Direct Remailer" or
   $header_X-Mailer: contains "QuickSender" or
   $header_X-Mailer: contains "Mailloop" or
   $header_X-Mailer: contains "jpfree Group Mail" or
   $header_X-Mailer: contains "MMailer" or
   $header_X-Mailer: contains "QuickSender" or
   $header_X-Mailer: contains "JiXing" or
   $header_X-Mailer: contains "Rvtyavqi" or
   $header_X-Mailer: contains "Nctlajqfnfm" or
   $header_X-Mailer: contains "CSM2" or
   $header_X-Mailer: contains "EhooPost 2004b" or
   $header_X-Mailer: contains "NetJunction" or
   $header_X-Mailer: contains "mPOP Web-Mail" or
   $header_X-Mailer: contains "randomword" or
   $header_X-Mailer: contains "Wagnermail" or
   $header_X-Mailer: contains "MIME Master" or
   $header_X-Mailer: contains "Python Email Injector" or
   $header_X-Mailer: contains "Schaffermail"
then
   logfile /var/log/exim/filter.log
   logwrite "$tod_log Reason: (WOLRULE_13 was Matched)\n\Message-id: $message_id (Banned Mailer)\n\
             BANNED Mailer Agent: $header_X-Mailer\n\Subject: $header_subject\n\Recipients: $recipients\n\
             Return path: $return_path\n\
  ------------------------------------------------------------------------------"
   fail text "You are using a mailer program, $header_X-Mailer known to be used by spammers."
endif







        cheers
       - wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
                         --from a /. post