[Wolves] Blackhole at sorbs filter
Adam Sweet
drinky76 at yahoo.com
Thu Jan 12 17:57:11 GMT 2006
--- Wayne Morris <wayne at machx.co.uk> wrote:
> Adding sorbs to my exim filter seems to work pretty
> well apart from
> killing the occaisonal good mail.
Hi Wayne. I run a server that hosts about 30 domains
on Exim. I don't know about sorbs particularly and it
certainly depends on what mail you're getting that you
want to keep, but I don't get any good mail blocked so
far as I know.
I use sbl-xbl.spamhaus.org, list.dsbl.org and
bl.spamcop.net.
> Anyone got a nice trick that will just label as
> 'probably spam' so I can
> just filter it later (in Thunderbird) and
> doublecheck.
I have concocted the following for you out of my own
exim.conf and ACLs:
#Insert header if blacklisted
warn message = X-Blacklisted: DNSBL listed at
$dnslist_domain\n$dnslist_text
warn message = X-New-Subject: ***Spam*** $h_subject
dnslists =
sbl-xbl.spamhaus.org:list.dsbl.org:bl.spamcop.net
Forgive the line-wrapping in the above.
And then create a .forward file in your exim user's
home directory.
if "${if def:header_X-New-Subject: {there}}" is there
then
headers remove Subject
headers add "Subject: $h_X-New-Subject:"
headers remove X-New-Subject
endif
Note that this is a modified version of my own
settings. The changes are untested. I'm not sure if
you can have 2 warn messages but I dont see why not.
You can always take out the first, it's just so you
can see where it was blacklisted by viewing the
headers. This info might get logged anyway.
Use at your own discretion. It should work, but if it
breaks your mail you can keep both pieces :)
Ad
--
http://www.drinky.org.uk
http://blog.adamsweet.org
___________________________________________________________
To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
More information about the Wolves
mailing list