Re: [exim] Exim does NOT run DNSBL and Spam checks if mail i…

Top Page
Delete this message
Reply to this message
Author: Mike Cardwell
Date: 2006-11-14 09:21 -000
To: exim-users
Subject: Re: [exim] Exim does NOT run DNSBL and Spam checks if mail is received from secondary mail server
* on the Tue, Nov 14, 2006 at 08:59:53AM +0100, Renaud Allard wrote:

> If your secondary MX is trusted (like in relay_from_hosts) by your
> primary server, there is no reason the primary would run any checks on
> mails sent by the secondary. And DNSBL cannot work, as mails are sent by
> your secondary.
> If you wish to have 2 MX, they should have the same level of pretection
> against spam to be effective.


Ideally, you'd configure your backup mx to behave the same was as your
primary mx yes. However, some times, people can't do that.

I wrote the following configuration the other day which might help. It
could do with tidying up a bit:

deny hosts       = +backup_mx
     set acl_m3  = ${if match{$h_received:}{\N^[^\[]+\[[^\[]+\[([^\[\]]+)\]\N}{$1}{}}
     condition   = ${if match{$acl_m3}{\N^\d+\.\d+\.\d+\.\d+$\N}}
     set acl_m4  = ${sg{$acl_m3}{\N^(.+)\.(.+)\.(.+)\.(.+)$\N}{\$4\.\$3\.\$2\.\$1}}.sbl-xbl.spamhaus.org
     set acl_m4  = ${lookup dnsdb{a=$acl_m4}{$value}{}}
     !condition  = ${if eq{$acl_m4}{}}
     message     = Your message has been rejected due to $acl_m3 being listed by sbl-xbl.spamhaus.org ($acl_m4)


Basically, it pulls out the ip address of the smtp server before your
backup mx by looking at the received headers, and then looks that up
against the dnsbl of your choice (spamhaus in the example)

It's not nice, and it could do with tidying up a bit, but it works.

The problem with this is, you reject back to the backup mx, and then
that attempts to generate a bounce message. This might create back
scatter, but at least it'll keep the spam out of your mailbox.

Mike