Ronaldo Luiz de Carvalho wrote:
I used this filter and I can't find/block the e-mail. There are anything
wrong on this filter?
if
$message_headers contains "[email protected]"
then
fail text "This email is not accepted here."
seen finish
endif
-----Mensagem original-----
De: John Burnham [mailto:[email protected]]
Enviada em: terça-feira, 25 de outubro de 2011 13:55
Para: 'Ronaldo Luiz de Carvalho'; '[email protected]'
Assunto: RE: [exim] How to Block connection
Thanks for the tip, but the IP changes all times...
I did this, including blocking the network. And the IP continues to
change.
The only thing that are the same are this header:
disposition-notification-to: [email protected]
If that's the only identifying feature then you're going to have to wait to
the data part of the SMTP transaction, detect that header and reject the
mail.
John=
Ronaldo,
Why don't you:
A) move youur user submissions OFF port 25 and ONTO to port 587 WITH TLS
and decent AUTH (if not already doing so).
B) Grant port 587 an exception OR apply to only port 25, Exim's very
competant rDNS check?
Ex: (in acl_smtp_connect, and preceded by a glance at a short
IP-whitelist, not to mention authorized relays etc...)
=====
deny
condition = ${if eq{$interface_port}{25}}
!verify = reverse_host_lookup
====
Stops most 'bots and similar freeloaders in their tracks. Plus the
diminishing count of hobbyists who cannot or will not publish proper DNS
records or use a credentialed 'smarthost'.
So far have never had to WL more than about 16 of those - mostly
somebody's grandkid playing with Linux or the odd social organization he
is acting as 'computer expert' for...
Cheap, cheerful, and near-as-dammit bullet-proof.
It does not, for example, generate backscatter spam to bystanders...
Bill
--
韓家標
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
