[Gllug] Filtering emails

Xander D Harkness xander at harkness.co.uk
Tue Dec 17 13:55:37 UTC 2002 

Adrian McMenamin wrote:

>Apologies for the lack of clue in this message. But....
>
>I want to sell my sys admin the idea that we can pre-filter email messages
>before they hit our Exchange server (yes, i am afraid the dark side is
>strong here) to avoid DOS type attacks by mail bombing us with spam.
>
>He's beginning to see the light on the usefulness (mainly via low TCO) of
>the true path, so I might be on to a winner if I can say this is easy to set
>up. Is it? Is it possible at all?
>
>Thanks
>
>Adrian
>
>  
>
Just a couple of pointers for exim that you might find useful.

This is to allow a machine to operate as a primary mx to the outside 
world and then to manually forward mail on to your exchange box


fire_gate:
    driver = manualroute
    domains = /etc/mail/relay-domains
    route_data = ${lookup{$domain}lsearch*{/etc/mail/routes}}
    transport = remote_smtp

In the file /etc/mail/relay-domains you have a list of domains one on 
each line.

in the file /etc/mail/routes

you can have:

example.com: exchangeserver.example.com byname

or

*example2.com: server2.domain.com byname

So this forwards mail directly to the server with name X rather than 
using its mx record.


The following goes at the end of the exim configuration and allows you 
to use smtp auth - allows your users to send mail via your relay using a 
password.  The password file sits at /etc/mail/passwords and has the 
form username space password on each line


begin authenticators

plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if 
eq{$3}{${lookup{$2}lsearch{/etc/mail/passwords}{$value}fail}}{yes}{no}}
  server_set_id = $2

login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = Username:: : Password::
  server_condition = ${if 
eq{$2}{${lookup{$1}lsearch{/etc/mail/passwords}{$value}fail}}{yes}{no}}
  server_set_id = $1

cram:
  driver = cram_md5
  public_name = CRAM-MD5
  server_secret = ${if 
eq{$2}{${lookup{$1}lsearch{/etc/mail/passwords}{$value}fail}}{yes}{no}}
  server_set_id = $1

# End of Exim configuration file

Kind regards
Xander

-- 
Wake up and smell the coffee.
		-- Ann Landers



-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list