
Re: How to bounce emails selectively with exim?



On (23/06/05 09:53), Oliver Elphick wrote:
> We get a number of spam mails and viruses sent to us with the sender
> address spoofed to appear to be from our domain.  These get bounced for
> the appropriate reason (unrouteable address, spam, etc) but if the mail
> got routed through our ISP, the ISP sends the bounce straight back to me
> because they think the sender is me (though the received headers show
> the originating machine is in another domain).
> 
> For example, here is an unwanted bounce message that has come back to
> me; the original message was sent from 203.101.34.73, which claimed to
> be lfix.co.uk, but isn't, of course:
> ========================================================================
> A message that you sent could not be delivered to one or more of its
> recipients. This is a permanent error. The following address(es) failed:
> 
>   kevin@lfix.co.uk
>     SMTP error from remote mailer after RCPT TO:<kevin@lfix.co.uk>:
>     host mailgate.lfix.co.uk [80.177.205.209]: 550 unknown user
> 
> ------ This is a copy of the message, including all the headers. ------
> 
> Return-path: <support@lfix.co.uk>
> Received: from [203.101.34.73] (helo=lfix.co.uk)
>         by relay-1.mail.demon.net with esmtp id 1DlJws-0002cD-O7
>         for kevin@lfix.co.uk; Thu, 23 Jun 2005 05:08:23 +0000
> From: support@lfix.co.uk
> To: kevin@lfix.co.uk
> Subject: Your Account is Suspended For Security Reasons
> ========================================================================
> 
> So if I get a bad email that purports to come from my domain but in fact
> doesn't, I would like to delete it without responding at all, while
> still bouncing bad emails that were genuinely sent within the domain.
> 
> Is there a way to configure exim to do this?

Hi Oliver

I've set up spamassassin, sa-exim and clamav (daemon).  Following the
debian.README file for sa-exim, it was relatively straightforward.  My
setup seems to reject these most of the time with SA permanent reject
score of 8 and temporary reject score of 5.  I've not seen any false
positives.

Regards

Clive

-- 
www.clivemenzies.co.uk ...
...strategies for business
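
Added example, not part of either poster's message and not an Exim configuration: a Python sketch of the decision Oliver describes, applied to the headers quoted in his bounce. It assumes relay-1.mail.demon.net is the only relay whose Received line is trusted and that 80.177.205.209 (mailgate.lfix.co.uk in the quoted bounce) is the only address that genuinely originates mail for the domain; the function names are hypothetical.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

OWN_DOMAIN = "lfix.co.uk"                      # domain from the post
TRUSTED_RELAYS = {"relay-1.mail.demon.net"}    # ISP relay named in the quoted bounce
# Assumption: the only network that legitimately originates mail for the domain.
OWN_NETWORKS = [ipaddress.ip_network("80.177.205.209/32")]
# Pulls the bracketed peer address and the "by" host out of one Received header.
RECEIVED_RE = re.compile(r"\[(?P<ip>[0-9A-Fa-f:.]+)\].*?\bby\s+(?P<by>[\w.-]+)", re.S)

def origin_ip(msg):
    """Peer address recorded by the first trusted relay; lower headers may be forged."""
    for hdr in msg.get_all("Received", []):    # topmost (most recent) header first
        m = RECEIVED_RE.search(hdr)
        if m and m.group("by").lower() in TRUSTED_RELAYS:
            try:
                return ipaddress.ip_address(m.group("ip"))
            except ValueError:
                return None
    return None

def classify(raw):
    """Return 'discard' for mail spoofing our domain from outside, else 'bounce'."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("Return-path", ""))[1].lower()
    if not sender.endswith("@" + OWN_DOMAIN):
        return "bounce"                        # sender does not claim our domain
    ip = origin_ip(msg)
    if ip is None:
        return "bounce"                        # no trusted evidence of the origin
    if any(ip in net for net in OWN_NETWORKS):
        return "bounce"                        # genuinely sent from inside
    return "discard"                           # our domain claimed from an outside host

# Headers of the original message as quoted in the bounce above.
SPOOFED = """\
Return-path: <support@lfix.co.uk>
Received: from [203.101.34.73] (helo=lfix.co.uk)
        by relay-1.mail.demon.net with esmtp id 1DlJws-0002cD-O7
        for kevin@lfix.co.uk; Thu, 23 Jun 2005 05:08:23 +0000
From: support@lfix.co.uk
To: kevin@lfix.co.uk
Subject: Your Account is Suspended For Security Reasons
"""
GENUINE = SPOOFED.replace("203.101.34.73", "80.177.205.209")  # constructed variant

if __name__ == "__main__":
    print(classify(SPOOFED), classify(GENUINE))
```

Only the Received line written by the trusted relay is used, because every line below it is supplied by the sending host and can be forged.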



