12 月 17 2007

在 exim 上面作 anti spam

在網路上看了一堆網頁,也摸索了好一陣子,剛才弄出這些設定:

  • 在 HELO 或 EHLO 指令時作檢查的 acl name 是 check_hello:

    check_hello:

    deny message = HELO/EHLO with my ip address. You are not me.
    log_message = HELO/EHLO my.ip
    condition = ${if eq {$sender_helo_name}{###.###.###.###} {yes}{no}}

    deny message = Fine, then the mail I accept is also none
    log_message = HELO/EHLO none
    condition = ${if match {$sender_helo_name}{none} {yes}{no}}

    accept

  • MAIL 用的 acl name 是 check_mail :

    check_mail:

    deny message = $sender_host_address is listed in $dnslist_domain
    hosts = !+relay_hosts
    !authenticated = *
    dnslists = bl.spamcop.net : \
    sbl.spamhaus.org : \
    list.dsbl.org : \
    cbl.anti-spam.org.cn

    deny message = Fake Yahoo, so you must be spam.
    log_message = Fake Yahoo
    senders = *@yahoo.com
    condition = ${if match {$sender_host_name}{\Nyahoo.com$\N}{no}{yes}}

    deny message = Fake hotmail, so you must be spam.
    log_message = Fake hotmail
    senders = *@hotmail.com
    condition = ${if match {$sender_host_name}{\Nhotmail.com$\N}{no}{yes}}

    deny message = Fake MSN, so you must be spam.
    log_message = Fake MSN
    senders = *@msn.com
    condition = ${if match {$sender_host_name}{\N(hotmail|msn).com$\N}{no}{yes}}

    deny message = Fake AOL, so you must be spam.
    log_message = Fake AOL
    senders = *@aol.com
    condition = ${if match {$sender_host_name}{\Nmx.aol.com$\N}{no}{yes}}

    deny message = Fake Gmail, so you must be spam.
    log_message = Fake Gmail
    senders = *@gmail.com
    condition = ${if match {$sender_host_name}{\Ngoogle.com$\N}{no}{yes}}

    accept

  • DATA 用的 acl name 是 check_data:

    check_data:

    deny message = Message SHOULD have Message-ID: but does not
    condition = ${if !def:h_Message-ID: {1}}

    deny message = Message SHOULD have Date: but does not
    condition = ${if !def:h_Date: {1}}

    accept

要讓 exim 在 HELO(或 EHLO)、MAIL 與 DATA 指令時作檢查,設定檔裡面要有這三行:

acl_smtp_mail = check_mail
acl_smtp_helo = check_hello
acl_smtp_data = check_data

目前在 log 看到的成效還不錯。 XD

參考網址:

No related posts.

By 0 • Tags: ,