Hi,
Applying the acl_check_data rules would help.
deny condition = ${if !def:h_Message-ID: {1}}
message = RFC2822 Message-ID required
--
Paul Ooi
On 6/5/2020 3:40 PM, Jacques B. Siboni via Exim-users wrote:
Thanks for you guys who gave me some useful hints
I still have a spam pattern I can't get rid of. suddenly i receive
thousands of emails
which can't even get through
Here is the log pattern:
2020-06-04 18:08:41 1jguID-003vM2-Hn <= <> H=router (foo-bar-babar)
[<here ip of GW>] P=esmtp K S=4718 id=ngVdwnPUF0006e7a2@foo-bar-babar
(I have replaced the actual string to foo-bar-babar not to give a
hint to the spammer)
I don't know how to catch it. I tried to add it the the blacklist
but maybe as it is not a proper domain name it is not catched
Maybe the question is how to filter the pattern after the
router keyword?
What can you suggest?
Thanks in advance
Jacques
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
