Re: [exim] Exim is forwarding spam.

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MAdam D. Barratt at <-
MChris Knadle at ->
Delete this message
Reply to this message
Author: Chris Knadle
Date:  
To: exim-users
Subject: Re: [exim] Exim is forwarding spam.
On Friday, June 29, 2012 10:53:45, Cyborg wrote:
> Am 29.06.2012 14:58, schrieb nezinomi asmenys:
> > Hi,
> >
> > How can I make Exim stop forwarding spam? I am using 'exim4u' config
> > file.
> >
> > http://www.1232px.lt/exim.conf
> >
> > Domas
>
> yes of course, enable the spamassasin config part and set it to filter
> mails. i.e. like this.
>
> spamd_address = 127.0.0.1 783
> 
>    # Run SpamAssassin, but allow for it to fail or time out. Add a
> warning message
>    # and accept the mail if that happens. Add an X-Spam-Flag: header if
> the SA
>    # score exceeds the SA system threshold.

> 
>    warn    condition  = ${if eq{$authenticated_id}{} {1}{0}}
>                 spam       = nobody/defer_ok
>                 add_header = X-Spam-Flag: YES

> 
>    # And reject if the SpamAssassin score is greater than ten
>    #
>    deny    condition = ${if >{$spam_score_int}{10}} {1}}
>                message   = Your message scored $spam_score SpamAssassin
> point. Report follows:\n\
>                                      $spam_report

>
>
> You may want to add some more rules for it, i.e. a whitelist based on
> domainnames etc. etc.
>
> You can find more examples in the spamassassin and exim docs.

Rather than 'deny' I prefer to use 'drop' to forcably close the SMTP
connection when a spam message has been detected, and I delay that response
for 15 to try to slow down the sender slightly. I'm doing some mail relaying
for some domains in which the admin on the other side wants the spam to be
accepted and then discarded rather than rejected, so the combination is the
following:


acl_check_recpt: 

  warn
    domains = !+spamdiscard_domains
    set acl_m_denyspam = yes


  warn
    domains = +spamdiscard_domains
    set acl_m_denyspam = no


acl_check_data: 

  drop
    hosts       = !+relay_from_hosts
    condition   = ${if eq{$acl_m_denyspam}{yes} {yes}{no}}
    !senders    = postmaster@*
    message     = Spam message detected; message rejected.\n\
                  If you think this is wrong, get in touch with postmaster.
    condition   = ${if match{$recipients}{postmaster}{no}{yes}}
    condition   = ${if >{$spam_score_int}{50}{1}{0}}
    log_message = msg rejected due to spam score of $spam_score
    delay       = 15s


  discard
    hosts       = !+relay_from_hosts
    condition   = ${if eq{$acl_m_denyspam}{no} {yes}{no}}
    !senders    = postmaster@*
    message     = Spam message detected; message discarded.\n\
                  If you think this is wrong, get in touch with postmaster.
    condition   = ${if match{$recipients}{postmaster}{no}{yes}}
    condition   = ${if >{$spam_score_int}{50}{1}{0}}
    log_message = msg discarded due to spam score of $spam_score




-- Chris

--
Chris Knadle
Chris.Knadle@???

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim is forwarding spam.Re: [exim] Exim is forwarding spam.->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)