> I try to write acl for incomming chinese spam. Does anyone know how to check
> for chinese content?
begin acl
acl_check_rcpt:
...
require message = relay not permitted
domains = +local_domains : +relay_to_domains
require verify = recipient
accept hosts = +whitelisted_hosts
logwrite = $sender_host_address locally whitelisted
deny message = I don`t accept mail from China,HongKong,Taiwan, Korea, \
Vietnam because too many admins there do not care \
about outgoing spam. Your \
IP-address seems to belong to: $dnslist_text.
dnslists = zz.countries.nerd.dk=127.0.0.156,127.0.1.88,127.0.0.158,\
127.0.1.154,127.0.2.192
...
acl_check_mime:
accept condition = ${if def:header_List-ID:}
accept condition = ${lookup{$sender_address_domain}nwildlsearch\
{/usr/local/etc/exim/mailing_list_domains}{1}{0}}
deny message = Blocked as Chinese spam (type 1)
condition = ${if match{$rheader_Subject:}{\N=\?utf-8\?B\?\N}}
condition = ${if match{$bheader_X-mailer:}{\NFoxmail [\d, ]+ \[cn\]\N}}
condition = ${if or{\
{eq{$mime_content_type}{application/vnd.ms-excel}}\
{match{$mime_filename}{\N(?i)\.xls$\N}}\
}}
deny message = Blocked as Chinese spam (type 2)
condition = ${if eq{$mime_content_type}{text/plain}}
condition = ${if eqi{$mime_charset}{UTF-8}}
mime_regex = \N\
([\x01-\x7f](\xe2\x96\xb2)?(\xe4[\xb8-\xbf]|[\xe5-\xe9]).+?){3}
deny message = Blocked as Chinese spam (type 4)
condition = ${if eq{$mime_content_type}{text/html}}
condition = ${if eqi{$mime_charset}{utf-8}}
mime_regex = <FONT face=[^>]+_GB2312>
deny message = Blocked as Vietnamese spam from gmail
condition = ${if match{$sender_host_name}\
{\N^mail-[\w-]+\.google\.com$\N}}
condition = ${if match{$mime_content_type}{text/(plain|html)}}
condition = ${if eqi{$mime_charset}{UTF-8}}
mime_regex = \N([\x01-\x7f](\xe1(\xba[\xa1-\xa3\xa5\xa6\xa8\xab\xad\xb6\xbe\xbf]|\xbb[\x81\x82\x85-\x87\x89-\x92\x97\x99-\x9c\xaa\xab\xad\xb0\xb1])|\xc3[\xaa\xa2\xb4]\xcc[\x81\x83\x89])[\x01-\x7f].*?){3}
...
acl_check_data:
...
accept hosts = : +whitelisted_hosts
deny message = I understand neither Chinese nor Korean nor Japanese
condition = ${if or{\
{match{$message_headers_raw}{\N(?i)charset="?(gb2312|big5|gbk|ks_c_|euc[_-]kr|shift_jis)\N}}\
{match{$message_headers_raw}{\N(?i)=\?(gb2312|big5|gbk|ks_c_\w*|euc[_-]kr|shift_jis)\?[BbQq]\?\N}}\
{match{$message_body}{\N(?i)(content-type:\s*text\/(plain|html);\s*charset=\s*"?|content=(3D)?["']text\/html;\s*charset=(3D)?)(gb2312|big5|gbk|ks_c_|euc[_-]kr|shift_jis)\N}}\
}}
deny message = Blocked as Chinese spam (type 3)
condition = ${if match{$rheader_Subject:}{\N^ =\?utf-8\?\N}}
condition = ${if match{$bheader_Subject:}\
{\N^(\xe2\x96\xb2)?(\xe4[\xb8-\xbf]|[\xe5-\xe9])\N}}
deny message = I consider a Chinese mailbox in Reply-To as a sign of spam.
condition = ${if match_domain{${domain:$header_reply-to:}}\
{yahoo.cn:yahoo.com.cn:yahoo.com.hk:w.cn}}
...
The file mailing_list_domains:
groups.io
*.groups.io
^yahoogroups\.
returns.groups.yahoo.com
googlegroups.com
^listserv\.
^lists\.
freebsd.org
exim.org
mailground.net
opennet.ru
subscribe.ru
njabl.org
spammers.dontlike.us
mailop.org
mutt.org
