--- /dev/null
+Date: Tue, 03 Mar 1998 15:45:24 -0500
+From: Dan Birchall <djb@16straight.com>
+
+History:
+
+In early 1997, I wrote a little PERL program which refused
+mail from unknown addresses until they mailed me promising
+not to spam me. (This ran on my account as an end-user
+solution.) It was very effective, but didn't scale well.
+
+Recently, I'd been thinking of adding some similar
+functionality to my Exim filter file. Someone on another
+list mentioned that they were going to work on doing the
+same in their Sendmail config, and since I'd already
+thought through how to do it in Exim, and knew it'd be
+slightly easier than falling out of bed, I went ahead and
+did it. I mentioned having done it, and Piete bugged me
+to send it here too. :)
+
+Structure:
+
+There are two (optionally three) flat files involved, plus
+a system-wide filter file and one (optionally two) shell
+script(s).
+
+The first flat file contains a list of recipient e-mail
+addresses handled by my server, with parameters stating
+whether they do or do not wish to be afforded some degree
+of protection from spam through various filters. An
+excerpt:
+
+djb@16straight.com: spam=no
+djb@mule.16straight.com: spam=no untrusted=no
+djb@scream.org: spam=no relay=no untrusted=no
+
+Various filters in my filter file read this, and based
+on the values of certain parameters, will take certain
+measures to prevent spam from reaching an address. This
+particular filter works on the "untrusted" parameter.
+
+The second flat file contains a list of IP addresses for
+hosts that the server has been instructed to trust. (At
+this point, this is a system-wide list; if a host is
+trusted, it's trusted for all addresses. It should be
+fairly similar to arrange for some sort of user-specific
+list, but I haven't had the need.) An excerpt:
+
+206.214.98.16: good=yes
+205.180.57.68: good=yes
+204.249.49.75: good=yes
+
+The filter is as follows:
+
+if
+${lookup{$recipients:untrusted}lsearch{/usr/exim/lists/shield}{$value}}
+is "no"
+and
+${lookup{$sender_host_address:good}lsearch{/usr/exim/lists/good_hosts}{$value}}
+is ""
+then freeze endif
+
+Basically, if $recipients is found in the first file, with
+an "untrusted=no" parameter, and the sending host's IP
+address is *not* in the second file, or does not have a
+"good=yes" parameter next to it, the message is frozen.
+
+I then come along as root and run this script, with the
+Exim message ID as the only argument:
+
+echo -n `grep host_address /usr/exim/spool/input/$1-H |cut -f2 -d" "` >>
+/usr/exim/lists/good_hosts
+echo ": good=yes" >> /usr/exim/lists/good_hosts
+sendmail -M $1
+
+This adds the sending host's IP to the good_hosts file and
+forces delivery of the message.
+
+Options:
+
+The other optional file is a blacklist; the other optional
+script puts the sending host's IP in *that* file and deletes
+the message.
+
+This is just yet another fun little way to play with spam.
+(Looks like meat, tastes like play-doh... or is it the
+other way around?)
+
+Bugs:
+
+Yes, there are weaknesses. Specifically:
+
+* multi-address $recipients will probably get by this
+* scalability is always a concern
+* large ISP's that generate lots of mail _and_ spam...
+
+This is near the top of my filter file, though, and
+there are several other filters below it to catch any
+stuff it might miss.
git://git.exim.org / users / jgh / exim.git / blobdiff