Re: [exim] anti-spam pointers please

Author: Larry Rosenman
Date:  
To: Rory Campbell-Lange, exim-users
CC: Exim-users
Subject: Re: [exim] anti-spam pointers please
On 04/01/2019 2:01 pm, Rory Campbell-Lange via Exim-users wrote:
> Hi
>
> It's some years since I've spent time tweaking my exim setup to receive
> spam. I've forgotten any skills I might once have had in this area.
>
> I've gotten sick of getting 30+ spam emails a day and need to do something
> about it! I'd be grateful for some pointers to the state-of-the-art setup.
>
> Right now relay blocks, cram_md5 rejects and spamhaus blocks account for
> about 500-1000 rejections a day (no wonder everyone has gone to Google mail!).
>
> I'm running Exim 4.89-2+deb9u3 under Debian, with spamassassin/spamc 3.4.2.1
>
> Spamd is reporting along the following lines.
>
>     spamd: result: . 0 - BAYES_00,
>                 DKIMWL_WL_HIGH,
>                 DKIM_SIGNED,
>                 DKIM_VALID,
>                 DKIM_VALID_EF,
>                 FORGED_MUA_MOZILLA,
>                 HEADER_FROM_DIFFERENT_DOMAINS,
>                 MAILING_LIST_MULTI,
>                 SPF_PASS,
>                 URIBL_BLOCKED scantime=0.5,
>                 size=5448,
>                 user=mail,
>                 uid=8,
>                 required_score=3.0,
>                 rhost=127.0.0.1,
>                 raddr=127.0.0.1,
>                 rport=59670,
>                 mid=<example.mail.com>,
>                 bayes=0.000000,
>                 autolearn=disabled

>
> Pointers much appreciated.
>
> Rory


I use the following in my content check ACL:

   warn  message = X-Spam-Score: $spam_score ($spam_bar)
         ! authenticated = *
         spam = smmsp:true
   warn  message = X-LERCTR-Spam-Score: $spam_score ($spam_bar)
         ! authenticated = *
         spam = smmsp:true
   warn  message = X-Spam-Report: $spam_report
         ! authenticated = *
         spam = smmsp:true
   warn  message = X-LERCTR-Spam-Report: $spam_report
         ! authenticated = *
         spam = smmsp:true
   # Add X-Spam-Flag if spam is over system-wide threshold
   warn message = X-Spam-Flag: YES
         ! authenticated = *
         spam = smmsp:true
         condition = ${if >={$spam_score_int}{50}{1}{0}}
   warn message = X-LERCTR-Spam-Flag: YES
         ! authenticated = *
         spam = smmsp:true
         condition = ${if >={$spam_score_int}{50}{1}{0}}


   #warn  message = DomainKey-Status: $dkim_status
   #      !condition = ${if eq{$dkim_status}{}{1}{0}}
   # Reject spam messages with score over 7, using an extra condition.
   deny  message = This message scored $spam_score points. Congratulations!
         ! authenticated = *
         spam = smmsp:true
         condition = ${if >{$spam_score_int}{70}{1}{0}}


With having spamd_address set to 127.0.0.1 783 in the first section.

-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640                 E-Mail: ler@???
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106
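
Added example, not part of the original thread or of Exim/SpamAssassin: a Python sketch that parses a `spamd: result:` log line like the one quoted above and models which headers and verdict the ACL in the reply would produce at a given score. The function names `parse_spamd_result` and `acl_outcome` are hypothetical, the sample line is constructed from the quoted output, and the rounding used for `$spam_score_int` is an assumption.

```python
import re

# Thresholds copied from the ACL above; $spam_score_int is the score times ten.
FLAG_AT_INT = 50      # X-Spam-Flag: YES when $spam_score_int >= 50
REJECT_OVER_INT = 70  # deny when $spam_score_int > 70

RESULT_RE = re.compile(r"spamd: result: ([Y.])\s+(-?\d+)\s+-\s+(.*)", re.S)

def parse_spamd_result(line):
    """Split a 'spamd: result:' log line into verdict, score, rules and fields."""
    m = RESULT_RE.search(line)
    if m is None:
        raise ValueError("not a spamd result line")
    rules, fields = [], {}
    for token in re.split(r"[,\s]+", m.group(3).strip()):
        if "=" in token:
            key, value = token.split("=", 1)   # e.g. required_score=3.0
            fields[key] = value
        elif token:
            rules.append(token)                # e.g. BAYES_00
    return {"is_spam": m.group(1) == "Y", "score": int(m.group(2)),
            "rules": rules, "fields": fields}

def acl_outcome(spam_score, authenticated=False):
    """Model the ACL above: return (verdict, header names) for one message."""
    if authenticated:             # '! authenticated = *' skips every statement
        return "pass", []
    score_int = int(round(spam_score * 10))  # assumed model of $spam_score_int
    # 'spam = smmsp:true' always matches, so the score headers are always added.
    headers = ["X-Spam-Score", "X-LERCTR-Spam-Score",
               "X-Spam-Report", "X-LERCTR-Spam-Report"]
    if score_int >= FLAG_AT_INT:
        headers += ["X-Spam-Flag", "X-LERCTR-Spam-Flag"]
    if score_int > REJECT_OVER_INT:
        return "deny", headers    # headers are moot once the message is refused
    return "pass", headers        # falls through to the rest of the ACL

# Constructed sample: the quoted spamd output joined back onto one line.
SAMPLE = ("spamd: result: . 0 - BAYES_00,DKIM_SIGNED,DKIM_VALID,SPF_PASS,"
          "URIBL_BLOCKED scantime=0.5,size=5448,user=mail,uid=8,"
          "required_score=3.0,rhost=127.0.0.1,bayes=0.000000,autolearn=disabled")

if __name__ == "__main__":
    parsed = parse_spamd_result(SAMPLE)
    print(parsed["is_spam"], parsed["score"], parsed["rules"])
    for score in (0.0, 5.0, 7.0, 7.1):
        print(score, acl_outcome(score))
```

Note that a score of exactly 7.0 is tagged but not rejected, because the deny condition uses `>` rather than `>=`.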