Re: [exim] Mail relaying

Top Page
Delete this message
Reply to this message
Author: Muhammed afsal
Date:  
To: Ian Eiloart
CC: exim-users
Subject: Re: [exim] Mail relaying
Hello,

Yes. I think installing an addon for "fake reject" is a good idea. Otherwise
a wrong interpretation on mails by spam assassin would be lose legitimate
mails.

I m affried if I cant access the mail which is reside on groupwise mail
server through squirrel mail which is running on relaying mail server


Thanks,
Sal.






On 11/14/07, Ian Eiloart <iane@???> wrote:
>
>
>
> --On 14 November 2007 06:08:02 -0500 Muhammed afsal <afsal983@???>
> wrote:
>
> > Hello,
> >
> > Thanks for the response.
> >
> >># reject spam at high scores (> 12)
> >> deny  message = This message scored $spam_score spam points.
> >>      spam = nobody:true
> >>       condition = ${if >{$spam_score_int}{120}{1}{0}}
> >> Below, you ask about storing these messages. You can't, because you've
> >> rejected the message. If it's a false positive, you can expect the
> sender
> >> to try some other contact method.

> >
> >
> >
> > Can we asssign spam mails to a specific transport ( example : Deliver
> > to a specific folder through local_delivery transport) without denying
> > ?
>
> Yes, but that would be a bad idea, for several reasons.
>
> Many spambots will stop trying to send email to your server if you
> consistently reject their email.
>
> Delivering spam to a specific folder is completely pointless.
>
> Delivering false positives to that same folder makes it very likely that
> nobody will see the email. It is *much* better to deny the email, then the
> sender gets a chance to fix the problem. Denying messages will not
> generate
> collateral spam.
>
> >
> >
> > Thanks,
> > Sal.
> >
> >
> > On Nov 14, 2007 5:41 AM, Ian Eiloart <iane@???> wrote:
> >>
> >>
> >>
> >> --On 13 November 2007 10:52:24 -0800 sal983 <afsal983@???> wrote:
> >>
> >> >
> >> > Hello Friends,
> >> > Hope you are doing fine.
> >> >
> >> > We have three mail domains in our company test.com,test1.com and
> >> > test2.com, hosted on groupwise server. As spaming is a big threat
> that
> >> > we are facing now, we are planing to install a mail server gateway by
> >> > using the well known and powerfull EXIM. ie All the incoming mails
> are
> >> > relaying through the exim mail server( having public IP
> >> > 217.217.217.217), then filtered using spam assassin,acls etc and
> >> > then delivered to the groupwise mail server( having private ip
> >> > 192.168.8.1) and viceversa. Let me give skelton my exim.conf so that
> >> > you will get a clear picture.
> >> >
> >> > exim.conf
> >> > ----------
> >> >
> >> > qualify_domain = test.com
> >> >
> >> > domainlist relay_domains =
> lsearch;/etc/virtual/relay_domains:localhost
> >> > //where the file relay_domains contain
> >> > test.com,test1.com,test2.com
> >> >
> >> > domainlist relay_to_domains =
> >> >
> >> >
> >> ># These options specify the Access Control Lists (ACLs) that
> >> ># are used for incoming SMTP messages - after the RCPT and DATA
> >> ># commands, respectively.
> >> >
> >> >
> >> > acl_smtp_rcpt = check_recipient
> >> > acl_smtp_mime = check_mime
> >> > acl_smtp_data = check_message
> >> >
> >> >############# ACL################
> >> >
> >> > begin acl
> >> > check_recipient:
> >> >
> >> > accept hosts = :
> >> > deny local_parts = ^.*[@%!/|] : ^\\.
> >> >
> >> >   accept local_parts = postmaster
> >> >          domains = +local_domains

> >> >
> >> >   accept domains = remote_domains +relay_to_domains
> >> >          endpass
> >> >          message = relay not permitted at this server
> >> >          verify = recipient

> >>
> >> How is remote_domains defined? This looks bad, since you should be
> >> rejecting email destined for non-local domains here. Except, possibly,
> >> when the sender is local and authenticated - but you might be doing
> that
> >> somewhere else.
> >>
> >> > accept hosts = +relay_from_hosts
> >>
> >> You haven't defined relay_from_hosts either, but if this is merely an
> >> inbound mail server, you should not need this.
> >>
> >> > accept
> >> >
> >> > check_mime:
> >> > -------
> >> > --------
> >> > check_message:
> >> > ----
> >> > -----
> >> > deny message = This message was classified as SPAM
> >> >      condition = ${if < {$message_size}{500K}}
> >> >      spam = nobody

> >> >
> >> ># put headers in all messages (no matter if spam or not)
> >> > warn  spam = nobody:true
> >> >       add_header = X-Spam-Score: $spam_score ($spam_bar)
> >> >       add_header = X-Spam-Report: $spam_report

> >> >
> >> ># add second subject line with *SPAM* marker when message
> >> ># is over threshold
> >> ># warn  spam = nobody
> >> >       add_header = Subject: *SPAM* $h_Subject:

> >>
> >> This warn line should not be commented out.
> >>
> >> My view is that marking subject lines is a bad idea. If you aren't sure
> >> about a message, let the user decide.
> >>
> >> ># reject spam at high scores (> 12)
> >> > deny  message = This message scored $spam_score spam points.
> >> >      spam = nobody:true
> >> >       condition = ${if >{$spam_score_int}{120}{1}{0}}

> >>
> >> Below, you ask about storing these messages. You can't, because you've
> >> rejected the message. If it's a false positive, you can expect the
> sender
> >> to try some other contact method.
> >>
> >>
> >> >############# ROUTER SETTINGS#######################
> >> ># set rules for selecting a transport#
> >> > begin routers
> >> > redirect:
> >> > driver = redirect
> >> > data =
> >> > ${lookup{$local_part@$domain}lsearch{/usr/local/exim/user_alias}}
> >> >
> >> > internal:                                #  To relay the mails  to
> our
> >> > domains
> >> >   driver = manualroute
> >> >   domains =+relay_domains
> >> >   transport = spamcheck
> >> > route_data= 192.168.8.1          # IP address of groupwise server

> >> >
> >> > external:                  #To relay the mails to other domains
> >> >   driver = dnslookup
> >> >    domains = ! +local_domains
> >> >   transport   = remote_smtp
> >> >   ignore_target_hosts   =  0.0.0.0  :  127.0.0.0/8
> >> >   no_more

> >> >
> >> >
> >> >############# TRANSPORT SETTINGS####################
> >> ># set rules for delivery transports#
> >> > begin transports
> >> >
> >> > remote_smtp:
> >> > driver = smtp
> >> >
> >> > spamcheck:
> >> >    driver=smtp

> >> >
> >> >
> >> >
> >> >
> >> >##########################################
> >> >
> >> >
> >> >
> >> > Let me come to the doubts .
> >> >
> >> > Please give your suggetons on this architecture?
> >> > Is this mail relaying is harmful?
> >> > If it is good how can i store the rejected mails after filtering in
> the
> >> > relay server especially mails filtered by spam assassin?
> >> >
> >> > Any help would be great appreciable :)
> >> >
> >> >
> >> > Thanks,
> >> > Sal
> >> >
> >> > --
> >> > View this message in context:
> >> > http://www.nabble.com/Mail-relaying-tf4799845.html#a13732221 Sent
> from
> >> > the Exim Users mailing list archive at Nabble.com.
> >>
> >>
> >>
> >> --
> >> Ian Eiloart
> >> IT Services, University of Sussex
> >> x3148
> >>
>
>
>
> --
> Ian Eiloart
> IT Services, University of Sussex
> x3148
>