Hello,I am currently testing an ACL which seems to catch many dynamic IPs by their reverse DNS.
I am using:
warn
set acl_c6=${lookupdnsdb{ptr=$sender_host_address}{${lc:$value}}{}}
condition = ${if
match{$acl_c6}{\N(^[^\.]*[0-9]\-+[0-9]|^[^\.]*[0-9]{5,}[^\.]|^([^\.]+\.)?[0-9][^\.]*\.[^\.]+\..+\.[a-z]|^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]|^(dyn|cable|dhcp|dialup|ppp|adsl)[^\.]*[0-9])\N}{yes}{no}}
log_message = Generic reverse DNS delay = 60s
It seems to deliver good results so far. I you could share your experience with it, I think it would be beneficial for the antispam lovers on this list. Sorry for the length of the regex but it is the shortest I could do.
-- 010100100110010101101110011000010111010101100100 010000010110110001101100011000010111001001100100
smime.p7s
Description: S/MIME Cryptographic Signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
