On Wed, Aug 10, 2011 at 10:23:43AM +0100, Dominic Benson wrote: > On 10/08/11 02:17, Drav Sloan wrote: >> The Doctor wrote: >>>> You should probably read your acls, as I imagine one rule in there is >>>> accepting them wholesale. Exim only does what Exim is told to do. >> [snip] >> >> Have you tried exim -d -bh<ip of server> >> >> and looked at that? >> >> My money is, however, on the accept statement for relay_from_hosts, which >> then short circuits all other spam / virus checks. Also you probably >> should look at plugging the hole on your web server so the spam can not >> be injected in the first instance. >> >> D. >> > Depending on how the mail was initiated, it could be > > accept hosts = : > > which, IIRC, accepts mail that was not received over SMTP.
Good start > > I agree with the above, though. Stopping it being input in the first place > is the real fix. > AV scanning outbound is fine/good, spam scanning is trickier: > for a start you're going to miss out on the RBL lookups, and FPs are more > troublesome. > > Rate-limiting outbound mail might be a useful damage limitation step, > though. > How would you rate limit? > > > -- > ## List details at https://lists.exim.org/mailman/listinfo/exim-users > ## Exim details at http://www.exim.org/ > ## Please use the Wiki with this list - http://wiki.exim.org/ > > > -- > This message has been 'sanitized'. This means that potentially > dangerous content has been rewritten or removed. The following > log describes which actions were taken. > > Sanitizer (start="1312968368"): > Split unusually long word(s) in header. > SanitizeFile (filename="unnamed.txt", mimetype="text/plain"): > Match (names="unnamed.txt", rule="2"): > Enforced policy: accept > > Total modifications so far: 1 > > > Anomy 0.0.0 : Sanitizer.pm > $Id: Sanitizer.pm,v 1.94 2006/01/02 16:43:10 bre Exp $ -- Member - Liberal International This is [email protected] Ici [email protected] God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.facebook.com/dyadallee IT is done! http://groups.google.com/group/rec.arts.drwho/about -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
