Hi,
I would like to capture IP addresses and spam scores of mails with
spam scores > than x, insert into to a MySQL db and use that result if
it recurs y times to temporarily blacklist the IP addresses.
I am thinking along the lines of using macros and ACL in exim as follows;
------------------------------------
HIGH_SPAM_SCORE = ${if >{$spam_score_int}{120}{1}{0}}
SPAM_SCORE_ADD = \
INSERT INTO eximdb1.exim_blacklist (relay_ip, from_domain, \
block_expires, record_expires, create_time, spam_score_int) \
VALUES ( '${quote_mysql:$sender_host_address}', \
'${quote_mysql:$sender_address_domain}', \
'${quote_mysql:$spam_score_int}', \
DATE_ADD(now(), INTERVAL 1 DAY), \
DATE_ADD(now(), INTERVAL 1 DAY), \
now() \
);
SPAM_SCORE_UPDATE = UPDATE exim_blacklist \
SET record_expires = DATE_ADD(NOW(), INTERVAL 1 WEEK) \
WHERE relay_ip = '${quote_mysql:$sender_host_address}'
#ACL
warn set acl_m4 = ${lookup mysql{HIGH_SPAM_SCORE}{$value}{0}}
deny
! authenticated = *
condition = ${if eq{$acl_m4}{1}{yes}}
condition = ${lookup mysql{SPAM_SCORE_UPDATE}{yes}{yes}}
message = You have been temporarily been blacklisted
------------------------------
Any ideas appreciated, especially on the lines below if they are workable
HIGH_SPAM_SCORE = ${if >{$spam_score_int}{120}{1}{0}}
warn set acl_m4 = ${lookup mysql{HIGH_SPAM_SCORE}{$value}{0}}
Rgds,
Andrew.
