[SA-exim] Side-effect involving mailing lists

Rick Moen rick at linuxmafia.com
Sun Nov 16 14:43:21 PST 2003


Quoting Marc MERLIN (marc at merlins.org):

> Yep, absolutely. This only works if you control the MXes too,
> especially as some spam goes to the secondary MXes without ever trying
> a delivery to the primary one.

You'll notice the way I phrased this was "Unless all your MXes use the
same antispam policy, they'll tend to sanction one another."  (Or be
tempted to, in any event.)  This is why my current advice to admins is
to jettison the backup-MX idea:  If you can't get a primary mail host
back on-line in three days, you have bigger problems.

> That's why the config file has this:
> # Please, don't teergrube people you relay for you or your own MXes :-)
> SAteergrubecond: ${if and { {!eq
> {$sender_host_address}{204.80.101.251}} {!eq {$
> sender_host_address}{198.186.202.175}} {!eq
> {$sender_host_address}{194.2.204.37} } {!eq
> {$sender_host_address}{216.239.45.4}} {!eq
> {$sender_host_address}{216.109 .84.130}} } {1}{0}}

OK, I'll look up the IPs of the problem MLM hosts, and append
conditionals for them.  Question:  Might this be worth breaking out
into a /etc/exim4/sa-exim-whitelist-ips file, if only because otherwise
the syntax is a bit error-prone?

Alteratively, they could be in multiple lines like:

   SAteergrube_not: nnn.nnn.nnn.nnn 

(Feel welcome to advise me to send a patch.)  ;->

> Other times, I whitelist the list in SA's config, so teergrubing doesn't
> kick in.

Just to confirm, you're talking about the aforementioned SAteergrubecond
line, right?

-- 
Cheers,                        A: No.  
Rick Moen                      Q: Should I include quotations after my reply? 
rick at linuxmafia.com  



More information about the SA-Exim mailing list