[Wolves] Blackhole at sorbs filter

Adam Sweet drinky76 at yahoo.com
Thu Jan 12 17:57:11 GMT 2006

--- Wayne Morris <wayne at machx.co.uk> wrote:

> Adding sorbs to my exim filter seems to work pretty
> well apart from 
> killing the occaisonal good mail.

Hi Wayne. I run a server that hosts about 30 domains
on Exim. I don't know about sorbs particularly and it
certainly depends on what mail you're getting that you
want to keep, but I don't get any good mail blocked so
far as I know.

I use sbl-xbl.spamhaus.org, list.dsbl.org and

> Anyone got a nice trick that will just label as
> 'probably spam' so I can 
> just filter it later (in Thunderbird) and
> doublecheck.

I have concocted the following for you out of my own
exim.conf and ACLs:

#Insert header if blacklisted
warn message = X-Blacklisted: DNSBL listed at
warn message = X-New-Subject: ***Spam*** $h_subject
dnslists =

Forgive the line-wrapping in the above.

And then create a .forward file in your exim user's
home directory.

if "${if def:header_X-New-Subject: {there}}" is there 
    headers remove Subject                            
    headers add "Subject: $h_X-New-Subject:"          
    headers remove X-New-Subject                      

Note that this is a modified version of my own
settings. The changes are untested. I'm not sure if
you can have 2 warn messages but I dont see why not.
You can always take out the first, it's just so you
can see where it was blacklisted by viewing the
headers. This info might get logged anyway.

Use at your own discretion. It should work, but if it
breaks your mail you can keep both pieces :)





To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com

More information about the Wolves mailing list