Ronaldo Luiz de Carvalho <ronaldol@???> (Mi 08 Mai 2013 20:03:37 CEST):
> Hi all,
>
> I'm receiving a lot of Spam from two domains, that change the IP frequently,
> how could I block these domains by name?
In case you're talking about the envelope, the best way is to block
these domains in the rcpt acl. If you're using a (more or less) modified
default configuration, you may try this:
acl_check_rcpt:
accept local_parts = postmaster
…
deny message = Sender rejected for policy reasons.
sender_domains = example.com : example.de
…
> Another question, there are a way to block messages using some words that
> are on the Subject?
acl_check_data:
deny message = Message rejected for policy reasons.
condition = ${if match{$h_subject:}{(?i:money|gold|girls)}
accept
But, further investigation of the spec.txt file might be necessary ;-),
if you want to have more patterns, or if you want to scan more than the
header line(s) (there is a "regex" acl condition).
You may take care about the subject encoding ($rheader_* vs. $bheader_*
vs. $header_*).
Probably using a content filter/evaluator a la spamd is an option. Exim
provides a interface to such beasts too.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
