0

I have a server that runs websites and exim for e-mail. I've added countless RBLs including barracuda to try and cut back on incoming spam. However, they still keep coming in. The clients use RoundCube. Is there a way for them to submit e-mails as spam or something?

Are there any other ways I could try and cut down on the incoming spam?

Jason

1 Answer

1

See also How to block IP addresses from port 25

Spambots are generally poorly configured. In particular rDNS validation fails. Most (unfortunately not all) legitimate servers have rDNS correctly configured. This allows you to make life difficult for spambots by delaying responses for poorly configured servers. Exim allows you to do this fairly easily.

  • Set up ACLs for Connection, HELO, and preData.
  • Add a warn clause with a delay, for hosts which fail, to the new ACLs and the existing mail and recipient ACLs.

This is a simple ACL clause similar to what I use (try different times):

warn
  !verify = reverse_host_lookup
  delay = 16s

You may want to add 'control = no_pipelining' to the connection ACL.

WARNING: Some large legitimate mail servers (banks, governments, airlines, couriers) are poorly configured and will get caught in this. You may want to whitelist them as you discover them. Some of these will fail deliveries if the timeout is too long. The RFCs specify timeouts in minutes, but the timeouts I have seen tend to be well under a minute. This is a more complex ACL clause with a white list:

warn
  !verify = reverse_host_lookup
  !hosts = ${if exists{CONFDIR/local_host_delay_whitelist}\
                      {CONFDIR/local_host_delay_whitelist}{}}
  delay = 16s

BillThor
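One way to discover the legitimate senders the answer suggests whitelisting, as an added example that is not part of the original answer: it scans Exim mainlog arrival lines for hosts whose name was not verified and counts repeat senders. It assumes Exim's default mainlog format and that a `verify = reverse_host_lookup` clause is in place so the lookup is attempted; the log lines and function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in Exim's default mainlog format (not real traffic).
# Exim writes "H=name [ip]" when the reverse lookup verified, and
# "H=(helo) [ip]" or "H=[ip]" when it did not.
SAMPLE_LOG = """\
2024-05-01 09:00:01 1s2AbC-0001xY-1a <= billing@bank.example H=(mx1.bank.example) [192.0.2.10] P=esmtps S=4312
2024-05-01 09:05:12 1s2AbD-0001xZ-2b <= news@list.example H=mail.list.example (mail.list.example) [198.51.100.7] P=esmtp S=2201
2024-05-01 09:07:44 1s2AbE-0001y0-3c <= alerts@bank.example H=(mx1.bank.example) [192.0.2.10]:41522 P=esmtps S=3999
2024-05-01 09:09:03 1s2AbF-0001y1-4d => jason@example.org R=local_user T=mail_spool
2024-05-01 09:11:30 1s2AbG-0001y2-5e <= x@dsl.example H=[203.0.113.99] P=smtp S=812
2024-05-01 09:12:00 1s2AbH-0001y3-6f <= ship@courier.example H=(out.courier.example) [2001:db8::25] P=esmtps S=5120
"""

# Arrival line where "H=" is followed directly by "(" or "[": no verified host name.
UNVERIFIED = re.compile(
    r" <= (?P<sender>\S+) H=(?:\((?P<helo>[^)]*)\) )?\[(?P<ip>[0-9A-Fa-f.:]+)\]"
)

def unverified_senders(log_text):
    """Map each IP that delivered mail without verified rDNS to (count, sender domains)."""
    counts, domains = Counter(), {}
    for line in log_text.splitlines():
        m = UNVERIFIED.search(line)
        if not m:
            continue  # delivery lines and hosts with a verified name are skipped
        ip = m.group("ip")
        counts[ip] += 1
        domains.setdefault(ip, set()).add(m.group("sender").rpartition("@")[2])
    return {ip: (n, sorted(domains[ip])) for ip, n in counts.items()}

def whitelist_candidates(log_text, min_messages=2):
    """IPs seen at least min_messages times; review by hand before whitelisting."""
    seen = unverified_senders(log_text)
    return sorted(ip for ip, (n, _) in seen.items() if n >= min_messages)

if __name__ == "__main__":
    for ip, (n, doms) in sorted(unverified_senders(SAMPLE_LOG).items()):
        print(f"{ip}\t{n}\t{','.join(doms)}")
    print("candidates:", whitelist_candidates(SAMPLE_LOG))
```

Repeat senders with recognisable sender domains are the ones worth checking by hand before they go into the whitelist file; a single hit from an unknown domain is usually exactly what the delay is meant for.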