Am 25.11.20 um 13:40 schrieb The Doctor via Exim-users: > IS there a scripts that could
>
> a) Examine a spam/junk Mailbox for the origin of spam
> and parse the IP of origin
>
> and
>
> b) Tell exim to block such IP addresses?
> As Exim just delivers the mails to a box, it doesn't know anything about
besides the format: no.
You have to do it yourself.
Ofcourse you can do this with the help of exim, as I do it. Just call a
script anytime to use a certain spambox router or transport and add the
ip in your firewall.
I block brute-forcers that way, if they test nonexisting mailaddresses:
drop message = blacklisted for bruteforce cracking attempt
set acl_c_authnomail = ${eval10:0$acl_c_authnomail+1}
condition = ${if >{$acl_c_authnomail}{4}}
condition = ${run{/....addspam
$sender_host_address}{yes}{$value}}
do sanity checks before you use a variable as argument.
