Re: Exim4 ACLs (was: Thoughts on exim4-config)



On Wednesday 12 November 2003 01:44, Bill Moseley wrote:
> On Wed, Nov 12, 2003 at 12:25:02AM +0000, Alan Chandler wrote:
> > On Tuesday 11 November 2003 17:56, moseley@hank.org wrote:
> > > What do people think of exim4-config?  It splits the exim config file
> > > into parts and when exim4 is (re)started a new config file is built
> > > from all the parts, tested that it's valid and then exim4 is started
> > > with the new config.
> >
> > A real pain if you want to hand craft a solution.  I ended up creating an
> > /etc/exim4/exim4.conf file to edit - and then copied ACLs from various
> > sources on the net.  I have it nicely set up how I want it now.
>
> Yep, that's what I ended up doing.
>
> Can I ask about your ACL setup for spam and other junk?  Are you doing
> much different than this:

The ones doing the real weeding out of messages are in the check data acl (using the 
extensions built into exim-heavy), although the first one is in the check rcpt acl 
(sorry about the line wrapping - but you will get the idea).

in check rcpt acl

  # Now, do basic call back checking
  deny    hosts         = !+local_hosts : *
          sender_domains = !CONFDIR/nocallbackdomain:*
          !verify       = sender/callout=90s,defer_ok,postmaster
.ifdef TEERGRUBE
          delay         = TEERGRUBE
.endif



in check_data acl

  deny    message = This domain has a policy of not accepting certain types of attachments in mail \
                        as they may contain a virus.  This mail has a file with an $found_extension \
                        attachment and is not accepted. If you have a legitimate need to send this \
                        particular attachment, send it zipped, and it will then be forwarded to the recipient.
          demime = exe:com:vbs:bat:pif:scr
.ifdef TEERGRUBE
          delay         = TEERGRUBE
.endif


AND

  # Reject spam messages. Remember to tweak your
  # site-wide SA profile. Do not spam-scan messages
  # larger than eighty kilobytes or one marked at RCPT time
  # as not needing it
  deny    message = Your mail with Subject: $h_Subject: \
                to domain chandlerfamily.org.uk appears to be unsolicited spam.\
                \
                Even if someone from this domain requested mail from you in the past, this\
                is a privately owned domain only used by members of my family.  I can confirm\
                that none of them wish to receive more that the original single message from\
                you and that no more messages are required. Please remove all addresses\
                with this domain name from your lists.\
                \
                However, we do not wish to stop positive confirmation of purchase of goods and services,\
                but we do not wish to receive offers of goods for sale, prizes for competitions or other\
                marketing messages.  So if further requests for information are made from this domain,\
                please treat them as single requests only.\
                \
                If you intended to contact a person at that email domain for\
                legitimate reasons then our apologies. Please would you resend to the\
                same address but add the prefix "real-" (without the quotes) to the\
                e-mail address and it will bypass the spam filter.\
                \
                Thank you\
                \
                postmaster@chandlerfamily.org.uk
          !condition = $header_X-NoSpamCheck:
          condition = ${if <{$message_size}{80k}{1}{0}}
          spam = nobody
.ifdef TEERGRUBE
          delay         = TEERGRUBE
.endif

>
> I'm using exim4-daemon-heavy and it's nice to reject the spam and
> Windows attachments at acl_check_data time, but other checks that I
> thought were going to make a big difference have not done much for
> filtering bad mail.
>
> For example, rbl checks on rfc-ignorant.org turn up too many false
> positives.  I need to white list a lot of domains for that to be useful.
>
> I'm also using caller verification and call-out verification.  I thought
> that would catch more, but it seems that where the callout fails
> Spamassassin is also catching the mail.  And half or more of the spam seems
> to use a valid sender address.  So the callout may not be worth the
> work.
>
> My other dnslist entries seem to work well, although I'm not deny'ing at
> this point.  Although the ones I see are also often rejected because of
> windows attachments anyway.
>
>   warn  message         = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
>         log_message     = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
>         dnslists        = relays.ordb.org:relays.bl.kundenserver.de:relays.visi.com:sbl.spamhaus.org
>
>
> Perhaps what would be more useful is to tune my spamassassin setup.
> I'm using the default 2.6 installation with no changes to local.cf.
>
> --
> Bill Moseley
> moseley@hank.org

-- 
Alan Chandler
alan@chandlerfamily.org.uk
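
Added example, not part of the original message and not Exim code: a small Python model of the two check_data rules above, for trying constructed messages against the same policy (the exe:com:vbs:bat:pif:scr list, the X-NoSpamCheck marker and the 80k limit). Assumptions: extensions are compared case-insensitively on the last extension only, message size is approximated by the raw byte length, and the names `check_data`, `exim_true` and `sample` are hypothetical.

```python
import email
from email import policy
from email.message import EmailMessage

BLOCKED_EXT = {"exe", "com", "vbs", "bat", "pif", "scr"}  # demime list from the post
SPAM_SCAN_LIMIT = 80 * 1024                               # the 80k size condition

def blocked_attachments(msg):
    """Return (filename, ext) for each MIME part named with a blocked extension."""
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if name and "." in name:
            ext = name.rsplit(".", 1)[1].strip().lower()  # last extension only
            if ext in BLOCKED_EXT:
                hits.append((name, ext))
    return hits

def exim_true(value):
    """Approximate Exim's condition test: empty, 0, no and false are false."""
    return str(value or "").strip().lower() not in ("", "0", "no", "false")

def check_data(raw):
    """Model the two deny rules in order; returns (decision, detail)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    hits = blocked_attachments(msg)
    if hits:
        return ("deny-attachment", hits[0][1])
    if exim_true(msg["X-NoSpamCheck"]):
        return ("skip-spam-scan", "X-NoSpamCheck set")
    if len(raw) >= SPAM_SCAN_LIMIT:
        return ("skip-spam-scan", "80k or larger")
    return ("spam-scan", None)

def sample(filename=None, payload=b"x", headers=()):
    """Build a constructed test message (addresses are placeholders)."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.org", "b@example.org", "constructed"
    for key, value in headers:
        m[key] = value
    m.set_content("body")
    if filename:
        m.add_attachment(payload, maintype="application",
                         subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for raw in (sample("Invoice.PDF.EXE"), sample("invoice.zip"),
                sample(headers=[("X-NoSpamCheck", "yes")]),
                sample("big.zip", payload=b"x" * 90000)):
        print(check_data(raw))
```
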
