Re: [exim] help with condition match

Top Page
Delete this message
Reply to this message
Author: Jim Pazarena
Date:  
To: exim-users
Subject: Re: [exim] help with condition match
This wildlsearch has greatly simplified by spam filtering.
Thank you very much.

-------- Original Message --------
Subject: Re: [exim] help with condition match
Date: Thu, 07 Jun 2012 06:02:13 +0000
From: W B Hacker <wbh@???>
To: exim users <exim-users@???>



Not a direct answer to your question, but hopefully a more
efficient way to eliminate it.

You might find this easier to maintain as it needeth not editing
of the configure file.

====

deny
     condition   = \
${lookup {$sender_host_name}wildlsearch{/var/filters/blockfile {yes}{no}}


===

The blockfile cited is a simple flat-file with entries of the form;

===

*pool-ukrtel.net

===

One per line. Can be appended to with scripting, and/or maintained with
an ignorant text editor.

No /configure editing needed thereafter.

No exim restart needed at changes

Giving each miscreant it own acl stanza will run you ragged, given that
the flatfile here has about 3 or 4 thousand entries...

And BTW...

.. an exim rDNS check will toss all the dynamic-IP pool WINbots right at
'CONNECT' for failure to have a PTR RR that mates to an A or MX record
for a proper FQDN.

That PROBABLY would nail the one you cite. And essentially ALL OTHER
Winbots on residential connectivity pools, with minimal Exim workload.

Make sure to apply that check only to port 25. Your own user-commmuity
arriving on port 587 will seldom have DNS credentials, nor should they.

===
deny
condition   = ${if eq{$interface_port}{25}}
!verify     = reverse_host_lookup
===


Look at a (usually very small) IP-whitelist FIRST, then skip this test
for the very, very few of our trusted correspondents you NEED to give a
hall-pass to. File-storage or bespoke-application servers who have no
FQDN assigned but must send you cron'ed reports, to name one such.

HTH,

Bill