Am 25.11.20 um 13:40 schrieb The Doctor via Exim-users:
IS there a scripts that could
a) Examine a spam/junk Mailbox for the origin of spam
and parse the IP of origin
and
b) Tell exim to block such IP addresses?
As Exim just delivers the mails to a box, it doesn't know anything about
besides the format: no.
You have to do it yourself.
Ofcourse you can do this with the help of exim, as I do it. Just call a
script anytime to use a certain spambox router or transport and add the
ip in your firewall.
I block brute-forcers that way, if they test nonexisting mailaddresses:
drop message = blacklisted for bruteforce cracking attempt
set acl_c_authnomail = ${eval10:0$acl_c_authnomail+1}
condition = ${if >{$acl_c_authnomail}{4}}
condition = ${run{/....addspam
$sender_host_address}{yes}{$value}}
do sanity checks before you use a variable as argument.
best regards,
Marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
