Re: [exim] EXIM as bacup MX vs SPAM

Top Page
Delete this message
Reply to this message
Author: Paul Dekkers
Date:  
To: David Strobl
CC: exim-users
Subject: Re: [exim] EXIM as bacup MX vs SPAM
Hi,

David Strobl wrote:

>can anyone help me with the next problem?
>I use Exim 3 (Debian Woody) as backup MX mail server for two domains. Is it
>possible to give to exim the list of the valid e-mail addresses? Some
>spammers trying to use random user name with name our domain and I looking
>for way to eliminate it. I Still use the DNSBL(spamhaus.org) and it seems it
>is not enought.
>
>

This is roughly what I do:

I have static routes on my exim box to an internal host; the 
static-routes-recipients points me to a list of users for a specific 
domain, with entries like:
surfnet.nl:            surfnet.nl-recipients.cdb
surf.net:            surf.net-recipients.cdb


In that surfnet.nl-recipients file I have entries like:
paul        accept
Paul.Dekkers   accept


At this moment my acl checks for the "accept" value, but you could
change this, since I auto-generate this file and it already had accept
in it I didn't really care about that ;-)

This is the acl I use:

  accept  domains       = 
lsearch;CONFIG_DIRECTORY/tables/static-routes-recipients
          endpass
          message       = Unknown recipient
          condition     = ${if 
eq{${lookup{${sg{$local_part}{\N\+.*$\N}{}}} \


cdb{CONFIG_DIRECTORY/tables/recipients/$domain_data}}}{accept}}
  #        local_parts   = 
cdb;CONFIG_DIRECTORY/tables/recipients/$domain_data
          verify        = recipient


You could of course use that local_parts thing instead of the condition
I use - but this condition is "suffix-safe" (and I want our users to be
able to have username+suffix addresses). The condition is more
cpu-expensive anyway. Since the list is relatively large I use cdb.
As far as I know local_part_suffix and local_part_suffix_optional
options are not available in the acl so I could not have used that instead.

Paul