I've been working on adding in backscatter protection to exim. I found a recipe at http://psg.com/~brian/software/authbounce/configure-authbounce.txt.
I've added in the following to the exim.conf and it works great minus 1 caveat. There are certain situations that you want to accept messages that would otherwise be blocked as invalid bounces. As an example voicemail messages from VOIP systems will generally not contain a return path.
I would like to see in Spam Filters section an option for a user to disable the feature. I can then add a check in the exim.conf. Even better would be a list of domains/users that can be used to bypass the filter.
Main exim.conf
After check_messages:
Inside remote_smtp:
I've added in the following to the exim.conf and it works great minus 1 caveat. There are certain situations that you want to accept messages that would otherwise be blocked as invalid bounces. As an example voicemail messages from VOIP systems will generally not contain a return path.
I would like to see in Spam Filters section an option for a user to disable the feature. I can then add a check in the exim.conf. Even better would be a list of domains/users that can be used to bypass the filter.
Main exim.conf
Code:
BOUNCE_ID = example-com-1
BOUNCE_SECRET = ********************After check_messages:
Code:
deny senders = :
condition = ${if ! eq{$recipients_count}{1}{1}}
message = Bounces must have only a single recipient
deny senders = :
! condition = ${if match \
{$message_body $message_body_end} \
{[xX]-bounce-key:\\s*BOUNCE_ID;${rxquote:${lc:$recipients}};(\\d+);(\\w+)}
{${if eq {$2} \
{${length_8:${md5:BOUNCE_ID;${lc:$recipients};$1;BOUNCE_SECRET}}} \
{${if <{${sg{${eval:$tod_epoch-$1}}{-}{}}}{864000}{1}}}}}}
message = Bounce does not contain a valid X-bounce-key signatureInside remote_smtp:
Code:
headers_add = ${if eq{$return_path}{}{}{X-bounce-key: BOUNCE_ID;${lc:$return_path};$tod_epoch;${length_8:${md5:BOUNCE_ID;${lc:$return_path};$tod_epoch;BOUNCE_SECRET}};}}