Commit | Line | Data |
---|---|---|
e0f3765a PH |
1 | Date: Tue, 03 Mar 1998 15:45:24 -0500 |
2 | From: Dan Birchall <djb@16straight.com> | |
3 | ||
4 | History: | |
5 | ||
6 | In early 1997, I wrote a little PERL program which refused | |
7 | mail from unknown addresses until they mailed me promising | |
8 | not to spam me. (This ran on my account as an end-user | |
9 | solution.) It was very effective, but didn't scale well. | |
10 | ||
11 | Recently, I'd been thinking of adding some similar | |
12 | functionality to my Exim filter file. Someone on another | |
13 | list mentioned that they were going to work on doing the | |
14 | same in their Sendmail config, and since I'd already | |
15 | thought through how to do it in Exim, and knew it'd be | |
16 | slightly easier than falling out of bed, I went ahead and | |
17 | did it. I mentioned having done it, and Piete bugged me | |
18 | to send it here too. :) | |
19 | ||
20 | Structure: | |
21 | ||
22 | There are two (optionally three) flat files involved, plus | |
23 | a system-wide filter file and one (optionally two) shell | |
24 | script(s). | |
25 | ||
26 | The first flat file contains a list of recipient e-mail | |
27 | addresses handled by my server, with parameters stating | |
28 | whether they do or do not wish to be afforded some degree | |
29 | of protection from spam through various filters. An | |
30 | excerpt: | |
31 | ||
32 | djb@16straight.com: spam=no | |
33 | djb@mule.16straight.com: spam=no untrusted=no | |
34 | djb@scream.org: spam=no relay=no untrusted=no | |
35 | ||
36 | Various filters in my filter file read this, and based | |
37 | on the values of certain parameters, will take certain | |
38 | measures to prevent spam from reaching an address. This | |
39 | particular filter works on the "untrusted" parameter. | |
40 | ||
41 | The second flat file contains a list of IP addresses for | |
42 | hosts that the server has been instructed to trust. (At | |
43 | this point, this is a system-wide list; if a host is | |
44 | trusted, it's trusted for all addresses. It should be | |
45 | fairly similar to arrange for some sort of user-specific | |
46 | list, but I haven't had the need.) An excerpt: | |
47 | ||
48 | 206.214.98.16: good=yes | |
49 | 205.180.57.68: good=yes | |
50 | 204.249.49.75: good=yes | |
51 | ||
52 | The filter is as follows: | |
53 | ||
54 | if | |
55 | ${lookup{$recipients:untrusted}lsearch{/usr/exim/lists/shield}{$value}} | |
56 | is "no" | |
57 | and | |
58 | ${lookup{$sender_host_address:good}lsearch{/usr/exim/lists/good_hosts}{$value}} | |
59 | is "" | |
60 | then freeze endif | |
61 | ||
62 | Basically, if $recipients is found in the first file, with | |
63 | an "untrusted=no" parameter, and the sending host's IP | |
64 | address is *not* in the second file, or does not have a | |
65 | "good=yes" parameter next to it, the message is frozen. | |
66 | ||
67 | I then come along as root and run this script, with the | |
68 | Exim message ID as the only argument: | |
69 | ||
70 | echo -n `grep host_address /usr/exim/spool/input/$1-H |cut -f2 -d" "` >> | |
71 | /usr/exim/lists/good_hosts | |
72 | echo ": good=yes" >> /usr/exim/lists/good_hosts | |
73 | sendmail -M $1 | |
74 | ||
75 | This adds the sending host's IP to the good_hosts file and | |
76 | forces delivery of the message. | |
77 | ||
78 | Options: | |
79 | ||
80 | The other optional file is a blacklist; the other optional | |
81 | script puts the sending host's IP in *that* file and deletes | |
82 | the message. | |
83 | ||
84 | This is just yet another fun little way to play with spam. | |
85 | (Looks like meat, tastes like play-doh... or is it the | |
86 | other way around?) | |
87 | ||
88 | Bugs: | |
89 | ||
90 | Yes, there are weaknesses. Specifically: | |
91 | ||
92 | * multi-address $recipients will probably get by this | |
93 | * scalability is always a concern | |
94 | * large ISP's that generate lots of mail _and_ spam... | |
95 | ||
96 | This is near the top of my filter file, though, and | |
97 | there are several other filters below it to catch any | |
98 | stuff it might miss. |