[exim] Backscatter Spam Again. HELP PLEASE!

Tue, 04 Mar 2008 06:55:29 -0800 

Hi all,

Again, I am getting slaughtered on the spamlists....Borderware, Barracuda 
etc etc etc. and it appears to all be because of backscatter spam.

I am seriously in need of some help.

Again, the question is ... how do I turn OFF bounces altogether, or better 
yet, only send bounces to locally generated email.

Here is a copy of my configre file:

##################################################################################################

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################
primary_hostname = my_hostname_here.com
domainlist local_domains = /etc/virtual/domains
domainlist relay_to_domains =
hostlist relay_from_hosts = /etc/virtual/domains
hostlist blacklisted_domains = /etc/virtual/blacklist
acl_smtp_rcpt = acl_check_rcpt
trusted_users = mailnull:root:webmail:www
exim_user = mailnull
exim_group = mail
never_users =
host_lookup = *
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 0s
timeout_frozen_after = 1d
return_path_remove
untrusted_set_sender = *
helo_allow_chars = _
daemon_smtp_ports = 25 : 109
bounce_message_file = /usr/local/etc/exim/bounce_message_file
warn_message_file = /usr/local/etc/exim/warn_message_file
return_size_limit = 10000
bounce_return_message = false
delay_warning = 72h
log_selector = +incoming_interface
######################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################
begin acl
acl_check_rcpt:
  accept  hosts = :
  dnslists = ips.backscatterer.org
  message = This message looks like a bounce, and your server is listed at \
  ips.backscatterer.org, so I assume that this is "backscatter". \
  Please configure your mail server to not send "backscatter spam". \
  For advice, try http://www.dontbouncespam.org/
  log_message = ATTENTION BACKSCATTERER
  deny    local_parts   = [EMAIL PROTECTED]/|] : ^\\.
  accept  local_parts   = postmaster
          domains       = +local_domains
  require verify        = sender
  deny    message       = rejected because $sender_host_address was \
                          found in our blacklist
          log_message   = domain found in $blacklisted_domains
          hosts         = +blacklisted_domains
  accept  domains       = +local_domains
          endpass
          message       = unknown user
          verify        = recipient
  accept  domains       = +relay_to_domains
          endpass
          message       = unrouteable address
          verify        = recipient
  accept  hosts         = +relay_from_hosts
  accept  authenticated = *


######################################################################
#                      ROUTERS CONFIGURATION                         #
#               Specifies how addresses are handled                  #
######################################################################
#     THE ORDER IN WHICH THE ROUTERS ARE DEFINED IS IMPORTANT!       #
# An address is passed to each router in turn until it is accepted.  #
######################################################################
begin routers

dnslookup_a_specific_domain:
  driver = dnslookup
  domains = ! +local_domains
  condition = ${if eq {$sender_address_domain}{a_specific_domain}{Yes}{No}}
  transport = remote_smtp_a_specific_domain
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

dnslookup_owm:
  driver = dnslookup
  domains = ! +local_domains
  condition = ${if eq {$sender_host_address}{127.0.0.1} {yes}{no}}
  transport = remote_smtp_owm
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more

#majordomo_aliases:
#  driver = redirect
#  allow_defer
#  allow_fail
#  require_files = /home/$domain/majordomo/aliases.majordomo
#  data = 
${lookup{$local_part}lsearch{/home/$domain/majordomo/aliases.majordomo}}
#  domains = /etc/virtual/domains
#  file_transport = address_file
#  pipe_transport = majordomo_pipe
#  retry_use_local_part
#  no_rewrite
#  user = majordom

spamcheck_router:
   driver = accept
   no_verify
   condition = "${if and { {!def:h_X-Spam-Flag:} {!eq 
{$received_protocol}{spam-scanned}}} {1}{0}}"
   transport = spamcheck

virtual_alias:
  driver = redirect
  allow_defer
  allow_fail
  data = ${lookup {$local_part} lsearch {/home/$domain/mail/aliases}}
  domains = /etc/virtual/domains
  require_files = /home/$domain/mail/aliases
# condition add per advice from Phil
  condition = ${lookup {$local_part} lsearch {/home/$domain/mail/aliases} 
{yes}{no}}
  qualify_preserve_domain
  retry_use_local_part
  check_ancestor
  one_time
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply

autoreply_router:
  driver = accept
  require_files = /home/$domain/mail/auto-replies/$local_part
  transport = autoreply_transport
  no_verify
  unseen

virtual_localuser:
  driver = accept
  require_files = /etc/virtual/$domain/passwd
  domains = /etc/virtual/domains
  condition = ${lookup {$local_part} lsearch 
{/etc/virtual/$domain/passwd}{$value}}
  transport = virtual_localdelivery

virtual_catchall:
  driver = redirect
  allow_defer
  allow_fail
  data = ${lookup {catchall} lsearch {/home/$domain/mail/aliases}}
  domains = /etc/virtual/domains
  require_files = /home/$domain/mail/aliases
# condition added per advice from Phil
  condition = ${lookup {catchall}lsearch{/home/$domain/mail/aliases} 
{yes}{no}}
  qualify_preserve_domain
  retry_use_local_part
  check_ancestor
  one_time
  file_transport = address_file
  pipe_transport = address_pipe
  reply_transport = address_reply

localuser:
  driver = accept
  check_local_user
  condition = ${lookup {$sender_helo_name} lsearch 
{/etc/virtual/domains}{YES}{NO}}
  transport = local_delivery

######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################
begin transports

remote_smtp_a_specific_domain:
        driver = smtp
        return_path_add = true

remote_smtp_owm:
        driver = smtp
        helo_data       = $sender_address_domain
        interface       = ${lookup dnsdb{a=$sender_address_domain}}
        return_path_add = true
        debug_print = "XX T: remote_smtp for [EMAIL PROTECTED] Sent VIA 
$interface_address XX"

remote_smtp:
        driver = smtp
        helo_data = ${lookup 
dnsdb{defer_never,ptr=$interface_address}{$value}{$primary_hostname}}
        interface = $interface_address
        return_path_add = true
        debug_print = "XX T: remote_smtp for [EMAIL PROTECTED] Sent VIA 
$interface_address XX"

autoreply_transport:
  driver = pipe
  command = /usr/local/bin/autoreply.pl 
/home/$domain/mail/auto-replies/$local_part

spamcheck:
  driver = pipe
  command = /usr/local/sbin/exim -oMr spam-scanned -bS
  use_bsmtp = true
  transport_filter = /usr/local/bin/spamc -u 
${lookup{$domain}lsearch{/etc/virtual/domains_users}}
  home_directory = "/tmp"
  current_directory = "/tmp"
  # must use a privileged user to set $received_protocol on the way back in!
  user = mailnull
##  user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}}
  group = mailnull
  log_output = true
  return_fail_output = false
  return_path_add
  message_prefix =
  message_suffix =

virtual_localdelivery:
  driver = appendfile
  create_directory = true
  directory_mode = 700
  file = /var/spool/virtual/${domain}/${local_part}
  headers_remove = "Bcc"
  return_path_add
#  user = mailnull
  user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}}
  group = mail
  mode = 660

#frontpage_forms:
#       driver = appendfile
#       file = /tmp/junkmail
#       user = mailnull

local_delivery:
   driver = appendfile
   file = /$home/mail/$local_part
   delivery_date_add
   envelope_to_add
   return_path_add
   user = mailnull
   group = mail
   mode = 0660

address_pipe:
  driver = pipe
  return_output
  user = thenetnow
  #  user = ${lookup{$domain}lsearch{/etc/virtual/domains_users}}

#majordomo_pipe:
#   driver = pipe
#   return_fail_output
#   user = majordom

address_file:
  driver = appendfile
  delivery_date_add
  envelope_to_add
  return_path_add

address_reply:
  driver = autoreply

######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################

begin retry

# Domain               Error       Retries
# ------               -----       -------
*                      quota_7d
*                      quota       F,72h,1h;
*                      *           F,12h,15m; F,24h,30m; F,36h,60m

######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################

# There are no rewriting specifications in this default configuration file.

begin rewrite

######################################################################
#                   AUTHENTICATION CONFIGURATION                     #
######################################################################

# There are no authenticator specifications in this default configuration 
file.

begin authenticators

# For Netscape/Mozilla
plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = "${if and{ {!eq{$2}{}}{!eq{$3}{}} \
   {crypteq {$3} {${lookup {${local_part:$2}} lsearch \
                            {/etc/virtual/${domain:$2}/passwd}\
                            {$value} {*:*}}}} } {1}{0}}"
  server_set_id = $2

# For Outlook/Outlook Express
login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = "${if and{ {!eq{$1}{}}{!eq{$2}{}} \
   {crypteq {$2} {${lookup {${local_part:$1}} lsearch \
                            {/etc/virtual/${domain:$1}/passwd}\
                            {$value} {*:*}}}} } {1}{0}}"
  server_set_id = $1

# End of Exim configuration file

##################################################################################################
 


-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to