How reject spam at high score in exim.conf

[xemaps]

For use in exim 4.63/FC3
edit exim.conf

#########################################
# ACL that is used after the DATA command
#########################################
check_message:
...

# test reject spam at high scores (> 15)
# place before accept from acl_check_data
drop message = This message is denied by policy : $spam_score spam points
spam = nobody:true
condition = ${if >{$spam_score_int}{150}{1}{0}}

...
accept
###################

This would reject spam more than 15 spamassassin points.

 

[nobaloney]

What are you using to run email through spamassassin before the data ACL?

Jeff

 

[xemaps]

do you mean spamd ?

 

[nobaloney]

Sure .

What are you doing to run incoming email through spamd before the data ACL?

Jeff

 

[xemaps]

i don't know what you mean

conf FC3/exim/clamav
i use my acl AFTER DATA (read top of post) then score is known
sa check on my config 3000 chars

It's very cool to reject high spam score !

sample stats (i reject at 15):

>CURRENT WEEK---
spam:223
ham:1293
rejected:3075
>DETAIL Rejected
>>virus:8
>>rbl blacklist:404
>>invalid HELO:1146
>>forged HELO:55
>>high score spam:25
>>faked mail:21

and some connexions are blocked by APF, so doesn't appears here.

 

[xemaps]

Seems like nobody is interested into filter spam here !

I fight against spam since years with my friends like spamcop, dshields, sans , aso...

incredible.

 

[smtalk]

Wonderful protection against spam

 

[webbasica]

What does it do exactly? delete it? bounce it? put it somewhere?

 

[smtalk]

What does it do exactly? delete it? bounce it? put it somewhere?

Originally posted by xemaps This would reject spam more than 15 spamassassin points.

 

[webbasica]

Ok, I guess reject could be taken as delete.

By the way, tried it, works!

thanks!!

 

[Pascal]

Looks great!

condition = ${if >{$spam_score_int}{150}{1}{0}}

Where i can change the spamcore?
Is it the {150} that stands for 15 points?

By the way, how do you get the statistics?

I like to know that

 

[smtalk]

Looks great!

condition = ${if >{$spam_score_int}{150}{1}{0}}

Where i can change the spamcore?
Is it the {150} that stands for 15 points?

By the way, how do you get the statistics?

I like to know that

Yes, that is for >15 points. You can cat the logs, grep and count information ( cat /var/log/exim/mainlog | grep "denied by policy" | wc -l ). Also you can code your own perl script which can show email statistics.

 

[dannygoh]

Where is the code put when used with Exiscan

 

[Pascal]

omg.... this is working great!

 

[webbasica]

Another way to check what the server is rejecting, is:

As Admin, in "Admin Tools", Log Viewer, Exim rejectlog

 

[Dark_Wizard]

Sure .

What are you doing to run incoming email through spamd before the data ACL?

Jeff

Good question as this doesn't work.

xemaps - Where is the variable $spam_score_int being defined? I cannot find it in the exim.conf file anywhere...please elaborate.

Thanks.

 

[xemaps]

Good question as this doesn't work.

xemaps - Where is the variable $spam_score_int being defined? I cannot find it in the exim.conf file anywhere...please elaborate.

Thanks.

Have you spamassassin installed and running ?

This variable is the result spam score calculated by spamassassin

For special situation try to replace
$spam_score_int with 0$spam_score_int
notice the leading zero to force decimal

Have a look here http://www.exim.org/eximwiki/ExiscanExamples?highlight=(spam_score_int)

Exiscan is integrated in SA since version 4.50, no need to patch exim with exiscan patch.

 

[nobaloney]

I may be wrong but I think the real question is still where do you implement the SA check?

Can you post the portion of your exim.conf file that actually checks the incoming email through SA?

Otherwise checking for the spam score is useless.

Thanks.

Jeff

 

[Dark_Wizard]

I may be wrong but I think the real question is still where do you implement the SA check?

Can you post the portion of your exim.conf file that actually checks the incoming email through SA?

Otherwise checking for the spam score is useless.

Thanks.

Jeff

Agreed...

 

[Dark_Wizard]

Have you spamassassin installed and running ?

This variable is the result spam score calculated by spamassassin

For special situation try to replace
$spam_score_int with 0$spam_score_int
notice the leading zero to force decimal

Have a look here http://www.exim.org/eximwiki/ExiscanExamples?highlight=(spam_score_int)

Exiscan is integrated in SA since version 4.50, no need to patch exim with exiscan patch.

Yes, spamassassin is installed and running well but I fail to see how this works as you have posted when sa is not checking at this point in the exim.conf file unless I am seriously missing something.