Mailing List Archive: exim: users

ditch_spam problem: blackhole

Index | Next | Previous | View Threaded

ton.ami.totoro at gmail

Jan 10, 2012, 5:37 AM

Post #1 of 6 (290 views)
Permalink

ditch_spam problem: blackhole

Hi,

I have a problem with Exim configuration, some mail go in blackhole by the
rule ditch_spam.
I whant to make somthing like a whitelist, for those mail/domain addresse
will be delivered.
I try few way:

- In vexim-acl-check-rcpt.conf I add:

accept domains = exemple.com : *.exemple.com
endpass
verify = recipient

- In local_sender_whitelist I add:

*@exemple.com

- In exim.com for domainlist relay_to_domains I try to add exemple.com

All the time I have the same answer:

2012-01-10 10:56:32 1RkYRT-0001ZX-OJ <= noreply [at] exemple H=
smtp.distdomain.com [192.95.51.65] P=esmtp S=2900 id=e0eb56$
7pl7b [at] smtp T="Horizon : vos identifiants de connexion"
2012-01-10 10:56:32 1RkYRT-0001ZX-OJ => :blackhole: <user1 [at] localdomain>
R=ditch_spam
2012-01-10 10:56:32 1RkYRT-0001ZX-OJ Completed

If anyone have a idear, it will be helpfull.

Regards

Totorux
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

tlyons at ivenue

Jan 10, 2012, 5:54 AM

Post #2 of 6 (283 views)
Permalink

Re: ditch_spam problem: blackhole [In reply to]

On Tue, Jan 10, 2012 at 5:37 AM, SCHNEIDER Benoit
<ton.ami.totoro [at] gmail> wrote:
> Hi,
>
> I have a problem with Exim configuration, some mail go in blackhole by the
> rule ditch_spam.
> I whant to make somthing like a whitelist, for those mail/domain addresse
> will be delivered.

> 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ <= noreply [at] exemple H=
> smtp.distdomain.com [192.95.51.65] P=esmtp S=2900 id=e0eb56$
> 7pl7b [at] smtp T="Horizon : vos identifiants de connexion"
> 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ => :blackhole: <user1 [at] localdomain>
> R=ditch_spam
> 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ Completed

Without seeing your routers, in the order they are processed, it's
hard to tell why it's doing this. Show us your routers so we can see
why the ditch_spam router matches the email in question.

Regards... Todd
--
SOPA: Any attempt to [use legal means to] reverse technological
advances is doomed. --Leo Leporte

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

ton.ami.totoro at gmail

Jan 10, 2012, 6:02 AM

Post #3 of 6 (286 views)
Permalink

Re: ditch_spam problem: blackhole [In reply to]

Sorry I forgot to put them:

http://pastebin.com/ywGgd7Zw

Thank's

2012/1/10 Todd Lyons <tlyons [at] ivenue>

> On Tue, Jan 10, 2012 at 5:37 AM, SCHNEIDER Benoit
> <ton.ami.totoro [at] gmail> wrote:
> > Hi,
> >
> > I have a problem with Exim configuration, some mail go in blackhole by
> the
> > rule ditch_spam.
> > I whant to make somthing like a whitelist, for those mail/domain addresse
> > will be delivered.
>
> > 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ <= noreply [at] exemple H=
> > smtp.distdomain.com [192.95.51.65] P=esmtp S=2900 id=e0eb56$
> > 7pl7b [at] smtp T="Horizon : vos identifiants de connexion"
> > 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ => :blackhole: <
> user1 [at] localdomain>
> > R=ditch_spam
> > 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ Completed
>
> Without seeing your routers, in the order they are processed, it's
> hard to tell why it's doing this. Show us your routers so we can see
> why the ditch_spam router matches the email in question.
>
> Regards... Todd
> --
> SOPA: Any attempt to [use legal means to] reverse technological
> advances is doomed. --Leo Leporte
>
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

cyborg2 at benderirc

Jan 10, 2012, 6:58 AM

Post #4 of 6 (276 views)
Permalink

Re: ditch_spam problem: blackhole [In reply to]

Am 10.01.2012 15:02, schrieb SCHNEIDER Benoit:
>>> R=ditch_spam
>>> 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ Completed
>>
>> 1.
>> condition = ${if >{$spam_score_int}{${lookup mysql{select
>> users.sa_refuse * 10 from users,domains \
>> 2.
>> where localpart = '${quote_mysql:$local_part}' \
>> 3.
>> and domain = '${quote_mysql:$domain}' \
>> 4.
>> and users.on_spamassassin = '1' \
>> 5.
>> and users.domain_id=domains.domain_id \
>> 6.
>> and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
>>

Add something like this to it "and whiteliste not regexp
'${quote_mysql:$header_from}''

Marius
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

ton.ami.totoro at gmail

Jan 11, 2012, 6:46 AM

Post #5 of 6 (274 views)
Permalink

Re: ditch_spam problem: blackhole [In reply to]

Hi

tank's for you answer,
If in understand the line: "and whiteliste not regexp
'${quote_mysql:$header_from}''
It's mean about every mail who come from all local domain will be accepted ?

But I want to setup a list of distant domain, or email, for this i was
thinking about two line:
"and whiteliste not regexp '$whitelisteemail''
"and whiteliste not regexp '$whitelistedomain''

where $whitelisteemail and $whitelistedomain will be like:

$whitelisteemail = user1 [at] distdomaine : user2 [at] distdomaine2
$whitelistedomain = distdomaine3.com : distdomaine4.com

I'm in the right way ?

Regards

2012/1/10 Cyborg <cyborg2 [at] benderirc>

> Am 10.01.2012 15:02, schrieb SCHNEIDER Benoit:
>
>> R=ditch_spam
>>>> 2012-01-10 10:56:32 1RkYRT-0001ZX-OJ Completed
>>>>
>>>
>>> 1.
>>> condition = ${if >{$spam_score_int}{${lookup mysql{select
>>> users.sa_refuse * 10 from users,domains \
>>> 2.
>>> where localpart = '${quote_mysql:$local_part}' \
>>> 3.
>>> and domain = '${quote_mysql:$domain}' \
>>> 4.
>>> and users.on_spamassassin = '1' \
>>> 5.
>>> and users.domain_id=domains.**domain_id \
>>> 6.
>>> and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
>>>
>>>
> Add something like this to it "and whiteliste not regexp
> '${quote_mysql:$header_from}''
>
> Marius
> --
> ## List details at https://lists.exim.org/**mailman/listinfo/exim-users<https://lists.exim.org/mailman/listinfo/exim-users>
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

cyborg2 at benderirc

Jan 11, 2012, 9:11 AM

Post #6 of 6 (275 views)
Permalink

Re: ditch_spam problem: blackhole [In reply to]

Am 11.01.2012 15:46, schrieb SCHNEIDER Benoit:
> Hi
>
> tank's for you answer,
> If in understand the line: "and whiteliste not regexp
> '${quote_mysql:$header_from}''
> It's mean about every mail who come from all local domain will be accepted ?
>
> But I want to setup a list of distant domain, or email, for this i was
> thinking about two line:
> "and whiteliste not regexp '$whitelisteemail''
> "and whiteliste not regexp '$whitelistedomain''
>
> where $whitelisteemail and $whitelistedomain will be like:
>
> $whitelisteemail = user1 [at] distdomaine : user2 [at] distdomaine2
> $whitelistedomain = distdomaine3.com : distdomaine4.com
>
> I'm in the right way ?

no, i think not. You can't mix SQL Statements with EXIM lists as you did.

This SQL Statement : ... and whiteliste not regexp '$matchagainst' ..
compares the regexpression inside the databasefield 'whiteliste' with '$matchagainst'
which should the be the sender email.

your code :

1.
ditch_spam:
2.
driver = redirect
3.
allow_fail
4.
data = :blackhole:
5.
condition = ${if >{$spam_score_int}{${lookup mysql{select
users.sa_refuse * 10 from users,domains \
6.
where localpart = '${quote_mysql:$local_part}' \
7.
and domain = '${quote_mysql:$domain}' \
8.
and users.on_spamassassin = '1' \
9.
and users.domain_id=domains.domain_id \
10.
and users.sa_refuse > 0 }{$value}fail}} {yes}{no}}
11.
local_part_suffix = -*
12.
local_part_suffix_optional
13.
retry_use_local_part

the mail will be redirected to :blackhole: is the "condition" is true.

Example:

... and whiteliste not regexp 'test [at] domain' ..

IF the entry for 'whiteliste' in your database is ".*@domain.de" it will not match ..
which results in a FALSE for the condition. The Result is, it's not redirected to :blackhole:

Example 2:

... and whiteliste not regexp 'test [at] demo' ..

IF the entry for 'whiteliste' in your database is ".*@(domain|demo)\.de" it will not match => condition is false

IF the entry for 'whiteliste' in your database is ".*@doesnotwork\.de" it will match => condition is TRUE,
it gets redirected to :blackhole:

Remember, you want it blackholed if the senderdomain is NOT in the whitelist. That's why it's NOT REGEXP

if you wanne match an entire address, no problem. In this case, 'whiteliste' has to be "username [at] domai\.de".

Simple, ain't it ? :)

It's possible that the SQL must be the other way around:

... and 'test [at] domain' not regexp whiteliste ..

check the mysql docs for the exact syntax.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads