I have tweaked exim.conf so many times over the years, that I am
concerned something(s) are completely disfunctional. For example I have
been receiving spam from servers blacklist by mcafee & barracuda,
reviewing the logs, I find neither blacklist has blocked any message.
Comments on this situation are appreciated. My acl follows:
############# ACCEPT SETTINGS#######################
begin acl
acl_check_rcpt:
accept hosts = lsearch;/etc/exim/whitelist
accept hosts = :
deny local_parts = ^.*[@%!/|] : ^\\.
deny message = HELO Policy Restriction: HELO is not an FQDN.
condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
condition = ${if match{$sender_helo_name}{\N[^.]\N}{no}{yes}}
accept domains = +relay_to_domains
endpass
message = relay not permitted at this server
verify = recipient
accept hosts = +relay_from_hosts
deny senders = :
condition = ${if ! eq{$recipients_count}{1}{1}}
message = Bounces must have only a single recipient
log_message = Another denied due to backscatter-Single
Recipient
deny message = relay not permitted at this server
deny message = rejected because $sender_host_address is in a black
list at $dnslist_domain\n$dnslist_text
deny dnslists =
zen.spamhaus.org/<;$sender_host_address;$sender_address_domain :\
cidr.bl.mcafee.com : bl.spameatingmonkey.net : bl.mailspike.net
: dnsbl.sorbs.net : b.barracudacentral.org : bb.barracudacentral.org :
psbl.surriel.com : \
hostkarma.junkemailfilter.com=127.0.0.2
deny message = REJECTED - Sender Verify Failed and no RDNS
!verify = reverse_host_lookup
!verify = sender/callout=2m,defer_ok
!senders = +whitelist_senders
!condition = ${if eq{$sender_verify_failure}{}}
acl_check_mime:
warn decode = default
deny message = Blacklisted file extension detected
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
{1}{0}}
accept
acl_check_content:
deny senders = /etc/exim/blacklist
deny message = Content Policy Restriction: Messages without From
header are not permitted.
condition = ${if eq{$header_from:}{}}
deny message = Content Policy Restriction: Multiple from
addresses are not accepted here.
condition = ${if match{$header_from:}{@.+@.+@}}
deny message = This message contains a virus or other harmful
content ($malware_name)
condition = ${if <{$message_size}{700k}{1}{0}}
demime = *
malware = *
deny condition = ${if <{$message_size}{700k}{yes}{no}}
condition = ${if eq{$acl_m0}{}{yes}{no}}
set acl_m1 = ${perl{surblspamcheck}}
condition = ${if eq{$acl_m1}{false}{no}{yes}}
message = $acl_m1
warn message = X-Spam-Score: $spam_score
spam = exim:true
warn message = X-Spam-Report: $spam_report
spam = exim:true
warn message = Subject: **** SPAM **** $h_Subject
spam = exim
deny message = This message scored $spam_score spam points.
condition = ${if <{$message_size}{975k}{1}{0}}
spam = exim:true
condition = ${if >{$spam_score_int}{70}{1}{0}}
warn set acl_m_greylistreasons = We greylist all
mail\n$acl_m_greylistreasons
require acl = greylist_mail
accept
.include /etc/exim/exim-greylist.conf.inc
--
John Schmerold
St Louis
