Re: How to bounce emails selectively with exim?
On (23/06/05 09:53), Oliver Elphick wrote:
> We get a number of spam mails and viruses sent to us with the sender
> address spoofed to appear to be from our domain. These get bounced for
> the appropriate reason (unrouteable address, spam, etc) but if the mail
> got routed through our ISP, the ISP sends the bounce straight back to me
> because they think the sender is me (though the received headers show
> the originating machine is in another domain).
> For example, here is an unwanted bounce message that has come back to
> me; the original message was sent from 18.104.22.168, which claimed to
> be lfix.co.uk, but isn't, of course:
> A message that you sent could not be delivered to one or more of its
> recipients. This is a permanent error. The following address(es) failed:
> SMTP error from remote mailer after RCPT TO:<firstname.lastname@example.org>:
> host mailgate.lfix.co.uk [22.214.171.124]: 550 unknown user
> ------ This is a copy of the message, including all the headers. ------
> Return-path: <email@example.com>
> Received: from [126.96.36.199] (helo=lfix.co.uk)
> by relay-1.mail.demon.net with esmtp id 1DlJws-0002cD-O7
> for firstname.lastname@example.org; Thu, 23 Jun 2005 05:08:23 +0000
> From: email@example.com
> To: firstname.lastname@example.org
> Subject: Your Account is Suspended For Security Reasons
> So if I get a bad email that purports to come from my domain but in fact
> doesn't, I would like to delete it without responding at all, while
> still bouncing bad emails that were genuinely sent within the domain.
> Is there a way to configure exim to do this?
I've setup spamassassin, sa-exim and clamav (daemon). Following the
debian.README file for sa-exim, it was relatively straightforward. My
setup seems to reject these most of the time with SA permanent reject
score of 8 and temporary reject score of 5. I've not seen any false
...strategies for business