Re: [exim] X-originating-IP

Pàgina inicial
Delete this message
Reply to this message
Autor: Mike Cardwell
Data:  
A: exim users
Assumpte: Re: [exim] X-originating-IP
Peter Lindberg wrote:

> I'm getting more and more spam from webmail sites like hotmail, and i
> was wondering if it was possible to write an acl to check the
> X-originating-IP header against blacklists. i thought it would be a
> simple task, but i've failed. perhaps somebody could clue me in :-)


In your DATA acl *only* ...

deny condition = ${if 
match{$h_X-Originating-IP:}{\N^\d{1,3}(\.\d{1,3}){3}$\N}}
      dnslists  = sbl-xbl.spamhaus.org/$h_X-Originating-IP: \
                : bl.spamcop.net/$h_X-Originating-IP:
      message   = $h_X-Originating-IP: is listed on $dnslist_domain \n\
                  $dnslist_text


That would do lookups against both sbl-xbl.spamhaus.org and bl.spamcop.net

It assumes the you have headers like:

X-Originating-IP: 192.168.0.1

And not anything like for example:

X-Originating-IP: [192.168.0.1]

If that's not the case, please provide more info and we can build
something to parse out the contents of the X-Originating-IP header.

Mike