Re: [exim] ACL for some bounce msgs

Page principale
Ce message fait partie du fil suivant :
MArborescence complète du fil triée par date
MMDennis Davis à <-
.MR.B. (Rick) à ->
Supprimer ce message
Répondre à ce message
Auteur: Steven A. Reisman
Date:  
À: Exim users list
CC: 
Sujet: Re: [exim] ACL for some bounce msgs
On Thu, Aug 26, 2004 at 03:33:36PM +0200, R.B. (Rick) wrote:
> my problem now is block those bounce messages coming from mailing system
> that catch emails with virus that have forged sender... in this way my
> users get a virus notify and every time call me worried about that...arg

> what do you think abount create an ACL to block msgs wit the sender <> and
> that contains the word virus in subject or in the body? Should work?

> Any better solution?


This is based on a series of tests posted by Paul Vixie to the NANOG
mailing list, modified for exim and posted to this list by Richard Welty.

Steve




acl_check_data: 

# From my own SPAM bin - (SAR) 24 August 2004
  deny  condition = ${if match{$header_subject:}{Symantec Email Proxy Deleted Me
ssage}{yes}{no}}
        message = Don't send pointless AV notifications, please



# Posted to exim-users list on 31 Jan 2004 by Richard Welty
# (based on NANOG posting by Paul Vixie) - (SAR) 31 January 2004 

  deny  condition = ${if match{$header_subject:}{Anti-Virus Notification}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{BANNED FILENAME}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{File blocked - ScanMail for Lotus}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{InterScan NT Alert}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{Message deleted}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{NAV detected a virus}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{Norton AntiVirus detected}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{RAV AntiVirus scan}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{Symantec AntiVirus}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{VIRUS .* IN MAIL FROM YOU/}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{VIRUS IN YOUR MAIL}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{Virus Detected by Network Assoc}{yes}{no}}
        message = Don't send pointless AV notifications, please


  deny  condition = ${if match{$header_subject:}{[MailServer Notification]To Sender virus found and action taken}{yes}{no}}
        message = Don't send pointless AV notifications, please


# accept otherwise
accept 


----------------------------------------------------------------------
Steven A. Reisman          <sar@???>           P.O. Box 409
Press Enter LLP                                       421 N 2nd Street
715-426-2100 or 651-436-5254                    River Falls, WI  54022
----------------------------------------------------------------------



Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] virtual domains and aliasesRe: [exim] exim cygwin and dsearch (kind of long)->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)