Re: [exim] Spam Filtering / dnslists

Top Page
Delete this message
Reply to this message
Author: exi.ml
Date:  
To: exim users
Subject: Re: [exim] Spam Filtering / dnslists
On Mon, 12 Feb 2018, Sebastian Nielsen via Exim-users wrote:
> I use the following banlist, works pretty well for me, for MAIL FROM stage:
>
>  deny
>    message = Banned TLD
>    sender_domains =
> ^(?i).*\\.(bid|store|club|top|xyz|pro|date|faith|stream|host|loan|download|click|link|science|design|gdn|men|win|party|webcam|rocks|email|life|ninja|online|racing|review|site|trade|vividal|website|works|work|cricket|help|camera|computer|space|uno|tech|news|space|guru|berlin|photography|global|today|solutions|media|world|university)\$

>
> And also for MIME From, for data stage:
>
> deny
>    message = Banned TLD in MIME From ($h_from:)
>    condition = ${if match
> {$h_from:}{^(?i).*\\.(bid|store|club|top|xyz|pro|date|faith|stream|host|loan|download|click|link|science|design|gdn|men|win|party|webcam|rocks|email|life|ninja|online|racing|review|site|trade|vividal|website|works|work|cricket|help|camera|computer|space|uno|tech|news|space|guru|berlin|photography|global|today|solutions|media|world|university)>\$}{yes}{no}}


Thanks for sharing, Sebastian! This seems very neat, and simple enough. I
think I will apply your rules in my configuration file :-)

As for me, I use:

* Pyruse (https://yalis.fr/git/yves/pyruse/) to detect bogus connection
attempts, and ban the IP that abuse the service (so far, China, India,
Ukraine...)
* sbl.spamhaus.org to blacklist domains from my exim.conf file

Cheers,
Y.