Re: [exim] Mail relaying

Top Page
Delete this message
Reply to this message
Author: Ian Eiloart
Date:  
To: Muhammed afsal
CC: exim-users
Subject: Re: [exim] Mail relaying


--On 14 November 2007 06:08:02 -0500 Muhammed afsal <afsal983@???>
wrote:

> Hello,
>
> Thanks for the response.
>
>># reject spam at high scores (> 12)
>> deny  message = This message scored $spam_score spam points.
>>      spam = nobody:true
>>       condition = ${if >{$spam_score_int}{120}{1}{0}}
>> Below, you ask about storing these messages. You can't, because you've
>> rejected the message. If it's a false positive, you can expect the sender
>> to try some other contact method.

>
>
>
> Can we asssign spam mails to a specific transport ( example : Deliver
> to a specific folder through local_delivery transport) without denying
> ?


Yes, but that would be a bad idea, for several reasons.

Many spambots will stop trying to send email to your server if you
consistently reject their email.

Delivering spam to a specific folder is completely pointless.

Delivering false positives to that same folder makes it very likely that
nobody will see the email. It is *much* better to deny the email, then the
sender gets a chance to fix the problem. Denying messages will not generate
collateral spam.

>
>
> Thanks,
> Sal.
>
>
> On Nov 14, 2007 5:41 AM, Ian Eiloart <iane@???> wrote:
>>
>>
>>
>> --On 13 November 2007 10:52:24 -0800 sal983 <afsal983@???> wrote:
>>
>> >
>> > Hello Friends,
>> > Hope you are doing fine.
>> >
>> > We have three mail domains in our company test.com,test1.com and
>> > test2.com, hosted on groupwise server. As spaming is a big threat that
>> > we are facing now, we are planing to install a mail server gateway by
>> > using the well known and powerfull EXIM. ie All the incoming mails are
>> > relaying through the exim mail server( having public IP
>> > 217.217.217.217), then filtered using spam assassin,acls etc and
>> > then delivered to the groupwise mail server( having private ip
>> > 192.168.8.1) and viceversa. Let me give skelton my exim.conf so that
>> > you will get a clear picture.
>> >
>> > exim.conf
>> > ----------
>> >
>> > qualify_domain = test.com
>> >
>> > domainlist relay_domains = lsearch;/etc/virtual/relay_domains:localhost
>> > //where the file relay_domains contain
>> > test.com,test1.com,test2.com
>> >
>> > domainlist relay_to_domains =
>> >
>> >
>> ># These options specify the Access Control Lists (ACLs) that
>> ># are used for incoming SMTP messages - after the RCPT and DATA
>> ># commands, respectively.
>> >
>> >
>> > acl_smtp_rcpt = check_recipient
>> > acl_smtp_mime = check_mime
>> > acl_smtp_data = check_message
>> >
>> >############# ACL################
>> >
>> > begin acl
>> > check_recipient:
>> >
>> > accept hosts = :
>> > deny local_parts = ^.*[@%!/|] : ^\\.
>> >
>> >   accept local_parts = postmaster
>> >          domains = +local_domains

>> >
>> >   accept domains = remote_domains +relay_to_domains
>> >          endpass
>> >          message = relay not permitted at this server
>> >          verify = recipient

>>
>> How is remote_domains defined? This looks bad, since you should be
>> rejecting email destined for non-local domains here. Except, possibly,
>> when the sender is local and authenticated - but you might be doing that
>> somewhere else.
>>
>> > accept hosts = +relay_from_hosts
>>
>> You haven't defined relay_from_hosts either, but if this is merely an
>> inbound mail server, you should not need this.
>>
>> > accept
>> >
>> > check_mime:
>> > -------
>> > --------
>> > check_message:
>> > ----
>> > -----
>> > deny message = This message was classified as SPAM
>> >      condition = ${if < {$message_size}{500K}}
>> >      spam = nobody

>> >
>> ># put headers in all messages (no matter if spam or not)
>> > warn  spam = nobody:true
>> >       add_header = X-Spam-Score: $spam_score ($spam_bar)
>> >       add_header = X-Spam-Report: $spam_report

>> >
>> ># add second subject line with *SPAM* marker when message
>> ># is over threshold
>> ># warn  spam = nobody
>> >       add_header = Subject: *SPAM* $h_Subject:

>>
>> This warn line should not be commented out.
>>
>> My view is that marking subject lines is a bad idea. If you aren't sure
>> about a message, let the user decide.
>>
>> ># reject spam at high scores (> 12)
>> > deny  message = This message scored $spam_score spam points.
>> >      spam = nobody:true
>> >       condition = ${if >{$spam_score_int}{120}{1}{0}}

>>
>> Below, you ask about storing these messages. You can't, because you've
>> rejected the message. If it's a false positive, you can expect the sender
>> to try some other contact method.
>>
>>
>> >############# ROUTER SETTINGS#######################
>> ># set rules for selecting a transport#
>> > begin routers
>> > redirect:
>> > driver = redirect
>> > data =
>> > ${lookup{$local_part@$domain}lsearch{/usr/local/exim/user_alias}}
>> >
>> > internal:                                #  To relay the mails  to our
>> > domains
>> >   driver = manualroute
>> >   domains =+relay_domains
>> >   transport = spamcheck
>> > route_data= 192.168.8.1          # IP address of groupwise server

>> >
>> > external:                  #To relay the mails to other domains
>> >   driver = dnslookup
>> >    domains = ! +local_domains
>> >   transport   = remote_smtp
>> >   ignore_target_hosts   =  0.0.0.0  :  127.0.0.0/8
>> >   no_more

>> >
>> >
>> >############# TRANSPORT SETTINGS####################
>> ># set rules for delivery transports#
>> > begin transports
>> >
>> > remote_smtp:
>> > driver = smtp
>> >
>> > spamcheck:
>> >    driver=smtp

>> >
>> >
>> >
>> >
>> >##########################################
>> >
>> >
>> >
>> > Let me come to the doubts .
>> >
>> > Please give your suggetons on this architecture?
>> > Is this mail relaying is harmful?
>> > If it is good how can i store the rejected mails after filtering in the
>> > relay server especially mails filtered by spam assassin?
>> >
>> > Any help would be great appreciable :)
>> >
>> >
>> > Thanks,
>> > Sal
>> >
>> > --
>> > View this message in context:
>> > http://www.nabble.com/Mail-relaying-tf4799845.html#a13732221 Sent from
>> > the Exim Users mailing list archive at Nabble.com.
>>
>>
>>
>> --
>> Ian Eiloart
>> IT Services, University of Sussex
>> x3148
>>




--
Ian Eiloart
IT Services, University of Sussex
x3148