Author: Jim Roberts Date: To: Giuliano Gavazzi, Jerry Stuckle CC: exim-users Subject: Re: [exim] DNS Blacklists and relayed messages
----- Original Message -----
From: "Giuliano Gavazzi" <eximlists@???>
To: "Jerry Stuckle" <jstuckle@???>
Cc: <exim-users@???>
Sent: Friday, September 03, 2004 7:24 PM
Subject: Re: [exim] DNS Blacklists and relayed messages
> At 7:02 pm -0400 2004/09/03, Jerry Stuckle wrote:
> >I can't very well abandon this email address - I've had it for over
> >10 years, and get a lot of "good" mail through it, even though I've
> >moved most of my subscriptions over to my new ID.
> >
> >However, I hadn't thought about the bouncing problem - you're
> >correct, I don't want to do that.
> >
> >So, I guess I'll have to receive the message then throw it away?
>
> I'd say so. Also, the message has been already accepted by the first
> server and you must go through the whole DATA phase, and here they go
> the two main reasons for rejecting, namely not validating your
> address to the spam sender and saving bandwidth.
>
> Giuliano
>
Giuliano, you forgot two more reasons: (1) the annoying delay while I
download my email to my wireless laptop, because of the large amount of spam
in the data stream, if I don't block it at the server. And (2) the
resulting annoyance of either having to configure the %^&* email client to
catch it (how to check DNSBL from my email client, at least without a
warning header??) or delete it by hand.
All that said, it is possible to do this. I do it myself for a permanent
address of mine that forwards to my "real" account. I have configured Exim
to examine the incoming headers, extract the IP that sent the mail to the
forwarder, check that IP against selected DNSBL, and add a warning header
accordingly. I do still have to accept the mail, so as not to generate
bounces. But I set it to deliver such junk to a "spam-catcher" account.
One of these days, I will probably just blackhole it. :) The tricky bit
(for me) was coming up with the regex to match a specific known forwarder
(or forwarders).
Search the archives from back in ... I think it was March? I think I used
the sub-string "IP_FWD" or "FWD_IP" (I forget which). If you have trouble
finding it, email me off-list and I'll dig up the details again, as time
allows.