Re: [exim] Malware bounce filtering

Top Page
Delete this message
Reply to this message
Author: David Saez Padros
Date:  
To: sheldonh
CC: exim-users
Subject: Re: [exim] Malware bounce filtering
Hi !!

I'm just developing a php script that can translate spam assassin rules
to exim acl's. I first tried with Tim Jackson's bogus virus warnings
( http://www.timj.co.uk/linux/bogus-virus-warnings.cf ). If you want to
try it the available-undocumented-untested exim acl is at
http://www.ols.es/exim/bogus-virus-warnings.acl i also have another
smaller acl that detects bad bounces and virus warnings at
http://www.ols.es/exim/virwarn.acl (also totally undocumented) Those
acl's are not plug&play but they could help you.

> I'm finally annoyed enough with the volume of accept-and-bounce malware
> bounces I get to do something about it. As postmaster and abuse contact
> for an increasing number of domains, I'm getting more than my fair share
> of this crap.
>
> I found Philip's Exim filter in the archives[1], but I want to issue an
> SMTP time reject, which I don't believe can be done with system or user
> filters. Envelope sender signatures[2] aren't suitable, because I
> don't control all the hosts that generate legitimate mail from sender
> addresses in the affected domains.
>
> Has anyone produced a malware bounce filter in Exim ACLs? The task of
> translating Philip's filter into ACLs looks... time-consuming. :-)


--
Best regards ...

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------