Re: [exim] Excessive amount of SPAM

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Walt Reed
Date:  
À: Jess Mooers
CC: exim-users
Sujet: Re: [exim] Excessive amount of SPAM
On Wed, May 24, 2006 at 03:36:40PM -0500, Jess Mooers said:
> Installed according to these specs
>     http://maxo.captainnet.net/ecm2/index.html

>
> Technical Specs
> -----------------
> XServe G5 Cluster Node
> Mac OS 10.4
>
> ASSP 1.2.1 - Running on Port 25
> Exim-MTA 4.62 - Running on Port 2525
> Courier-Authlib 0.58
> Courier-IMAP 4.1.0
> ClamAV_0.88.2
> SpamAssassin Startup     
> GMP_4.1.4
> DBI_1.48
> DBD_Mysql-3.0002_5
> ECM2Admin (11-25-05)

>
> I have followed the above url instructions with the exception of putting ASSP in front of Exim. I have ASSP trained to detect [SPAM] and prepend the subject as such.
>
> I have the following DNSBLs setup in Exim 
>  deny     message        = DNSBL listed at $dnslist_domain\n$dnslist_text
>           dnslists       = sbl-xbl.spamhaus.org : \
>                            relays.ordb.org : \
>                            dnsbl.njabl.org : \
>                            list.dsbl.org : \
>                            bl.spamcop.net : \
>                            dnsbl.ahbl.org : \
>                            cn-kr.blackholes.us : \
>                            dynablock.njabl.org

>
> I am still getting a ton of [SPAM] through. ASSP is detecting most of it as spam, so I know that is working. With my old mailserver you could specify server wide spam rules, like if the subject contains a certain word, then deny the message. Does anyone know how to do this with Exim so that they are not delivered or if it is even possible at all?


In the exim manual:

See section 11.9, Expansion variables, and look at $header_
See also section 39.5, the DATA ACL's, and 39.20, "condition".

Be aware: Once ASSP has accepted the message and forwarded it to exim,
you should NOT NOT NOT bounce the spam as it results in collateral
damage. It is MUCH better to reject the spam outright - this means that
it should be rejected by ASSP.

Frankly, everything that assp does, exim can do, so it seems silly to
put it out front and then have exim do all the same stuff AGAIN.