Re: [exim] ot: rDNS + spam assassin

Author: Always Learning
Date:  
To: Exim
Subject: Re: [exim] ot: rDNS + spam assassin

On Tue, 2016-09-20 at 17:23 +0200, Jan Ingvoldstad wrote:

> > drop   condition  = ${lookup dnsdb{ptr=$sender_host_address} {0}{1} }
> >        message    = [SNA03] Rejected. Sender's IP address has no Host name. \
> >                     MESS3
> >        delay      = 15s


Hosted production domains have between 3 and 5 incoming MTAs (spanning 3
countries (UK is 1 country, not 4)) using different groups of multiple
DNS look-ups.

DWZ: No single point of failure.

> > drop   condition  = ${if and{{def:sender_host_address}{!def:sender_host_name}} \
> >                        {yes}{no}}
> >        message    = [SNA04] Sender's Host has No Reverse DNS. \
> >                     Ask your technical experts to rectify the problem.


> This would also appear to fail if _you_ have a DNS problem.


Hetzelfde, the same

> I would recommend deferring the decision until later in the two above cases.


Users' safety and security is more important than receiving emails sent
from sloppily configured outgoing MTAs. Why should we downgrade our
security to compensate for poor standards by those that do not care or
who lack basic technical awareness?

> > drop condition = ${if match{${lc:$sender_host_name}} \
> > {(broadband|client|customer|dsl|dyn|dynamic|home|host|static|user)(\\d|\\.|\\-|ip)} \


       condition  = ${if match{${lc:$sender_host_name}} {smarthost}{0}{1} }
#                   note {0}{1} = non-match
       !condition = ${if match{${lc:$sender_host_name}} {mailhost} }
       !hosts     = EXDIR/hosts.a13


> This would appear to eliminate several legitimate hosting providers which
> are not home internet connections, as you don't check on word boundaries,
> and even so, might match other legitimate services.


Exceptions can be added to EXDIR/hosts.a13. The current contents are:-

mail.host100.co.uk
*.pndsl.co.uk
*.smarthost.com
*.yorhost.net



Every rejection message, for these 3 examples, includes an alternative
email address which bypasses these checks - thus genuine senders blocked
(very few, estimated at 0.001%) can still contact us. Genuine senders
know users' telephone numbers thus there are 2 alternative methods to
report problems to us.

A daily Logwatch with a customised Exim section alerts us to potential
problems in addition to highlighting significant events. An instant
email alert notifies us of mail refusals in other ACLs.


Mvg,


--
Regards,

Paul.
England, EU.      England's place is in the European Union.
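
The name-based drop rule discussed in this message, modelled in Python as an added example (not code from the thread), to show which host names it drops and which the smarthost, mailhost and hosts.a13 exemptions let through. It assumes the truncated first condition is true on a regex match and that a leading `*` in hosts.a13 matches by tail; all sample host names are constructed.

```python
import re

# Pattern from the quoted ACL; Exim's "\\d" becomes "\d" after string expansion.
DYNAMIC_RE = re.compile(
    r"(broadband|client|customer|dsl|dyn|dynamic|home|host|static|user)(\d|\.|\-|ip)"
)
# Contents of EXDIR/hosts.a13 as listed in the message.
EXCEPTIONS = ["mail.host100.co.uk", "*.pndsl.co.uk", "*.smarthost.com", "*.yorhost.net"]


def in_exceptions(host, patterns=EXCEPTIONS):
    """Simplified host-list model (assumption): a leading '*' matches by tail."""
    for pat in patterns:
        if pat.startswith("*"):
            if host.endswith(pat[1:]):
                return True
        elif host == pat:
            return True
    return False


def verdict(sender_host_name):
    """Apply the ACL conditions in order; return (action, reason)."""
    host = sender_host_name.lower()  # ${lc:$sender_host_name}
    m = DYNAMIC_RE.search(host)
    if not m:
        return ("pass", "no dynamic-looking token")
    if "smarthost" in host:  # condition ... {smarthost}{0}{1}
        return ("pass", "contains smarthost")
    if "mailhost" in host:  # !condition ... {mailhost}
        return ("pass", "contains mailhost")
    if in_exceptions(host):  # !hosts = EXDIR/hosts.a13
        return ("pass", "listed in hosts.a13")
    return ("drop", "matched %r" % m.group(0))


# Constructed host names for illustration; none come from a real log.
SAMPLES = [
    "host86-130-12-4.range86-130.example.net",  # residential-style name
    "mx1.webhost.example.com",  # hosting provider: "host." matches mid-word
    "mail.host100.co.uk",
    "out3.smarthost.com",
    "mailhost2.example.org",
    "dsl-pool.pndsl.co.uk",
    "mx.example.org",
]

if __name__ == "__main__":
    for name in SAMPLES:
        print("%-42s %s" % (name, verdict(name)))
```

Running candidate host names from the rejection log through a model like this before extending hosts.a13 shows whether a new exception is actually needed or whether an existing exemption already covers the sender.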