Re: [exim] IPs which spam for many, many, domains

Autor: Jeremy Harris
Data:
A: exim-users @ exim. org
Assumpte: Re: [exim] IPs which spam for many, many, domains

Alan J. Flavell wrote:
> There are certain IPs which are registered via MX records for
> hundreds, or thousands, of domains under the control of a spammer.
> Some of these indeed seem to be operated by spammers who create new
> domains on a production-line basis.
>

> lookuphost: > driver = dnslookup > qualify_single = false > domains = ! +local_domains > ignore_target_hosts = 127.0.0.0/8 : CONFIG_DIR/bogon-bn-agg.txt \ > : CONFIG_DIR/ignore_spammers > transport = remote_smtp

>
>
> This not only prevents incoming mail from being accepted from them
> (because "verify sender" is caused to fail as a consequence) - it also
> causes any attempt by our users to communicate with these domains to
> be treated as bogons and failed.
>
>
> But that's a bit crude - it means that any attempt to communicate will
> fall through that router, and be handled by the unknown_domain router,
> which produces the report:

> So I'm looking for a some way to disambiguate these reports. If we
> stay with the same mechanism, I suppose we can insert an extra router
> before the unknown_domains, which is only activated for IP entries in
> the ignore_spammers list, and produces a more-appropriate error
> report.

Wouldn't it be clearer to reject in your mail acl, on
$sender_host_address matching your file?

- Jeremy

Aquest missatge és part del següent fil:
	l'arbre de fils complet ordenat per data
	Alan J. Flavell en
	Tony Finch en