How to block .html and other attachments with exim

[R1Lover]

Spam..... well we all deal with it and often beat our heads on the desk over it, last night after many complaints from customers I went ahead and did a few things that seemed to have done the trick.

I found success with this so I thought I would share.


1. exim.conf file

a. Turned on sender verification.

This might not be a good option on busy servers but for my customers, some on full dedicated and some on semi ded, this worked very well and didn't cause too much of a load on the servers.

b. Turned on all of the RBL's and other block list in the exim file.

2. system_filter.exiim

a. I added .html and .zip to the blocked extensions allowed.



This has resulted in a 98% reduction in spam for both myself and my customers, with also allowing every legit email we could see.


While blocking .zip is not ideal for some, there are so many other ways to send ans share files these days, it's not really used much then by spammers.

Also as of late, it seems the newest threat is viruses in html attachments.... so again I see no reason to allow these.

anyway, just sharing what I found that works for a few of my guys and thought some of you might find it helpful.

 

[R1Lover]

Now when spamblocker 4 comes out.... and making the above changes to it, we should have a pretty good start on ridding spam.

 

[nobaloney]

I really wanted to block html attachments, but my understanding is that if you do that then you're blocking all email which comes with both plaintext and html.

Which is a default for a lot of email. So please test and let us know.

Thanks.

Jeff

 

[R1Lover]

I was wondering the same.... but it's only blocking an attachment of .html and not the actual html formatted email. I also blocked .zip for this client too.

So far today... this has worked great, it blocked over 150 emails to just one client's server. The bad part is most of not all are filling up the mail queue with non deliverable rejected notices. This will resolve itself though.

 

[nobaloney]

Check again, make sure with an email from the outside (emails sent by an authenticated account are always accepted). Make sure that an email that comes with both plaintext and html parts are accepted.

Very important, as when I look at source the .html part of an email with both parts looks very much like an .html attachment to me.

Thanks.

Jeff

 

[R1Lover]

Yes, all is well, I have this running on three servers, no complaints and nothing but praise so far.

If you want to test yourself, send me a pm and I will give you an email address to use or test.