[exim] Frankenstein exim.conf

Top Page
Delete this message
Reply to this message
Author: schmerold2@gmail.com
Date:  
To: exim-users
Subject: [exim] Frankenstein exim.conf
I have tweaked exim.conf so many times over the years, that I am
concerned something(s) are completely disfunctional. For example I have
been receiving spam from servers blacklist by mcafee & barracuda,
reviewing the logs, I find neither blacklist has blocked any message.

Comments on this situation are appreciated. My acl follows:
############# ACCEPT SETTINGS#######################
begin acl

acl_check_rcpt:
accept hosts = lsearch;/etc/exim/whitelist
accept hosts = :
deny local_parts = ^.*[@%!/|] : ^\\.

   deny message   = HELO Policy Restriction: HELO is not an FQDN.
      condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
      condition = ${if match{$sender_helo_name}{\N[^.]\N}{no}{yes}}


   accept domains = +relay_to_domains
          endpass
          message = relay not permitted at this server
          verify = recipient


accept hosts = +relay_from_hosts

   deny senders = :
           condition     = ${if ! eq{$recipients_count}{1}{1}}
           message       = Bounces must have only a single recipient
           log_message   = Another denied due to backscatter-Single 
Recipient


deny message = relay not permitted at this server

   deny message = rejected because $sender_host_address is in a black 
list at $dnslist_domain\n$dnslist_text
   deny dnslists = 
zen.spamhaus.org/<;$sender_host_address;$sender_address_domain :\
        cidr.bl.mcafee.com : bl.spameatingmonkey.net : bl.mailspike.net 
: dnsbl.sorbs.net : b.barracudacentral.org : bb.barracudacentral.org : 
psbl.surriel.com : \
        hostkarma.junkemailfilter.com=127.0.0.2


   deny message = REJECTED - Sender Verify Failed and no RDNS
        !verify = reverse_host_lookup
        !verify = sender/callout=2m,defer_ok
        !senders = +whitelist_senders
        !condition =  ${if eq{$sender_verify_failure}{}}


acl_check_mime:

warn decode = default

   deny message = Blacklisted file extension detected
        condition = ${if match \
                         {${lc:$mime_filename}} \
                         {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                      {1}{0}}


     accept


acl_check_content:
     deny senders = /etc/exim/blacklist


    deny message   = Content Policy Restriction: Messages without From 
header are not permitted.
       condition = ${if eq{$header_from:}{}}


     deny message   = Content Policy Restriction: Multiple from 
addresses are not accepted here.
       condition = ${if match{$header_from:}{@.+@.+@}}



     deny message = This message contains a virus or other harmful 
content ($malware_name)
                   condition = ${if <{$message_size}{700k}{1}{0}}
                   demime = *
                   malware = *


    deny condition = ${if <{$message_size}{700k}{yes}{no}}
         condition = ${if eq{$acl_m0}{}{yes}{no}}
         set acl_m1 = ${perl{surblspamcheck}}
         condition = ${if eq{$acl_m1}{false}{no}{yes}}
         message = $acl_m1


     warn message = X-Spam-Score: $spam_score
          spam = exim:true


     warn message = X-Spam-Report: $spam_report
          spam = exim:true


     warn message = Subject: **** SPAM **** $h_Subject
          spam = exim


     deny message = This message scored $spam_score spam points.
          condition = ${if <{$message_size}{975k}{1}{0}}
          spam = exim:true
          condition = ${if >{$spam_score_int}{70}{1}{0}}


     warn set acl_m_greylistreasons = We greylist all 
mail\n$acl_m_greylistreasons
          require acl = greylist_mail


     accept



.include /etc/exim/exim-greylist.conf.inc






--
John Schmerold
St Louis