[exim] Applying Blacklists to EVERY IP in Reveived headers -…

Top Page
Delete this message
Reply to this message
Author: Marc Perkel
Date:  
To: exim users
Old-Topics: Re: [exim] REGEX help - Picking IP addresses out of Received Headers
Subject: [exim] Applying Blacklists to EVERY IP in Reveived headers - working !!!!
OK - I think I have it working. I'm testing it now. Here's my code, but
someone could clean it up some and do it right.

What this does is go through all IP addresses in the Received headers to
see if any of them are blacklisted the message is caught. This allows
you to apply blacklists to mail forwarded to your spam filter.

Again - someone clean this up and do it right. This could be a real
advancement in stam filtering

warn set acl_m0 =
     acl        = acl_relay_ip
     condition  = ${if ! eq{$acl_m0}{}}
     !condition = ${if def:h_X-Relay-IP:}
     message    = X-Relay-IP: $acl_m0


acl_relay_ip:
   warn set acl_m3 = ${if eq{$acl_m3}{}{$h_received:}{$acl_m3}}
        set acl_m2 = ${if match{$acl_m3}{\N^[^\[]+\[([^\]]+)\]\N}{$1}{}}
        set acl_m3 = ${sg{$acl_m3}{\N^[^\[]+\[([^\]]+)\](.*)\N}{\$2}}
   warn condition  = ${if match{$acl_m2}{\N^\d{1,3}(\.\d{1,3}){3}$\N}}
        !condition = ${if match_ip{$acl_m2}{+relay_from_hosts : 
127.0.0.0/8 : 192.168.0.0/16 : 10.0.0.0/8}}
    acl = acl_bltest
        set acl_m0 = ${if eq{$acl_m0}{}{$acl_m2}{$acl_m0 $acl_m2}}
   warn !condition = ${if eq{$acl_m2}{}}
        acl        = acl_relay_ip
   accept



acl_bltest:
accept    dnslists = zen.spamhaus.org/$acl_m2 : 
hostkarma.junkemailfilter.com=127.0.0.2/$acl_m2
        set acl_c_reject = spamsave - TESTV $acl_m2 is blacklisted at 
$dnslist_domain ($dnslist_value); ${dnslist_text} T=$h_To: S=$h_Subject: 
H=$h_X-Sender-Host-Name:
        acl = spamsave
accept


spamsave:
accept    !condition = ${if match {$acl_c_done}{done}{yes}{no}}
    add_header = X-Spamsave: Yes - $acl_c_reject
    add_header = X-Spam-Class: SPAM-HIGH-VERY
    set acl_c_done = done
    logwrite = REJECTED - $acl_c_reject
    !acl = mail_list
    control = fakereject/REJECTED - $acl_c_reject