Re: [exim] Abuse Bypassing SA when in To or CC

Page principale
Ce message fait partie du fil suivant :
M+\Arborescence complète du fil triée par date
MMMGaurav Pruthi à <-
Ted Cooper à ->
Supprimer ce message
Répondre à ce message
Auteur: Mr Shunz
Date:  
À: exim-users
Sujet: Re: [exim] Abuse Bypassing SA when in To or CC
On Jan 22, 2008 8:45 AM, Gaurav Pruthi <gkpruthi@???> wrote:
> Hi,

Hi

>
> Spammers bypass the SA check when they put abuse@??? in To or CC
> field. And putting genuine mail IDs in Other headers.
> Here is the ACL i have in exim
>
> check_recipient:
>
>
>   warn     message       = X-SA-Do-Not-Rej: Yes
>            local_parts   = postmaster:abuse

>
>
>  warn     message       = X-SA-Do-Not-Run: Yes
>         local_parts   = abuse:MAILER-DAEMON

>
>
> This ACL prevents SA to run & reject if it has abuse in its header.

actually this ACL simply adds headers, to bypass SA should be smth like 

deny   condition = ......
       spam = nobody/defer_ok
       ! local_parts = postmaster:abuse
       ...

>
> How can i modify this acl to run SA in case it has more recepient other than
> abuse, postmaster or MAILER-DAEMON.

in my example simply take out the ! local_parts line ...

As a side note, on our clients mailservers, for postmaster/abuse we
just skip RBL/blacklists checks but
not SA checks, else we'll get 10x times the spam we have normally...

Cheers 

-- 
Daniele Santi        .o.
MrShunz@???    ..o    |,,,/_
Linux User #415108   ooo
---------------------------------------------------------
()  ascii ribbon campaign - against html mail
/\                        - against microsoft attachments
---------------------------------------------------------


Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] mixed deliveryRe: [exim] Abuse Bypassing SA when in To or CC->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)