SPF check of incoming mail

[Mati]

Thank You very much Swift-AU for help on that isue.

These lines in exim.conf:

drop message = [SPF] $sender_host_address is not allowed to send mail from $sender_address_domain
log_message = SPF check failed
!authenticated = *
set acl_m9 = --scope mfrom --id $sender_address --ip $sender_host_address
set acl_m9 = ${run{/usr/bin/spfquery $acl_m9}}
condition = ${if eq {$runrc}{1}{true}{false}}

are enough to block emails of swindler mail senders pretending to be somebody else (spammers, thiefs etc.)?

Should I put these lines in some special place in exim.conf? Tell me where.

Best Regards to You. If it is working well it will make DirectAdmin better. Thank You again!

 

[Swift-AU]

Hi Mati,

You need to place those lines somewhere after the check_recipient: line in exim.conf, depending on whether you want it to happen before or after other checks are done. If in doubt, you'll be OK to place them directly after the check_recipient: line. Note that you must ensure you have spfquery on your system and that the path to it is correctly specified.

If you're unsure, you'd be best to pay someone to make the change for you.

As to whether it will elimate all SPAM, the answer is emphatically no! Is it one of a number of useful measures to help combat spam? Most certainly!

-Swift

 

[Mati]

Thank You for reply.

As to whether it will elimate all SPAM, the answer is emphatically no!

Yes, I know, I meant only that 'SPF check' blocks everyone who is pretending to be somebody else - some spammers send spam in diffrent way of course.

I do not use Spamassasin now because it makes many problems - when I used it clients very often were calling that good mail is recognised as spam .

I added to spamblocker exim.conf: greylisting : http://directadmin.com/forum/showthread.php?t=24808&highlight=greylist and it works perfectly - it blocks almost all mass sent spam in my conditions. When I add additionally to spamblocker exim.conf your lines of SPF check it will probably block all mass sent spam in my conditions because when on the other control panel (where it was implemented at start) I used RBL, SPF, GREYLISTING I had no mass sent spam in my conditions - life was easy. Thanks to You I will probably gain the same in DirectAdmin. Thank You again for sharing these lines. I encourage the others to use SPF, RBL and GREYLISTING instead of Spamassasin.