Re: [exim] Avoiding bounces
Always Learning via Exim-users schrieb: Hi, > If you reject emails from MTAs having no rDNS or no resolving HELO (or > EHLO) names or having a HELO name that is different from the sending > MTA's host name, most of your spam will not reach your users. Of course I do that! But unfortunately I already get tons of spam... A couple of years ago was better, but now I get many spam per day again... :( Thanks Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
On 2018-05-26, Jeremy Harris via Exim-users wrote: > On 26/05/18 15:05, Luca Bertoncello via Exim-users wrote: >> Well, this "info@"-address is a forward to many recipients, not just one... > > Oh, a mail-exploder. OK, no cutthrough routing possible. This is > effectively a mailinglist, and you need to put real effort into > curating it. Things like: on the slightest evidence of dodgyness > - including, but not limited to, bad rDNS, bad HELO, bad dnsbl, > bad sender-verify-callout, perhaps even unwhitelisted-senders - > divert to a quarantine queue for manual vetting. > > And consider just rejecting on those grounds, too. > > > Or, as Lena suggests, for Google use a POP-sucker rather than > SMTP forwarding. But that means telling Google some credentials > for your box, and providing POP access (I strongly suggest you > create a/some dedicated account(s) for that, with the credentials not > used for any other purpose). We are, of course, assuming you > have control of the Google account(s) concerned. If you do that, (and it will work well) be sure that the mailbox is cleared regularly. at work we got hit by hundereds of dollars of excess data chargers on one of our servers due to international pop data going to google, we had to put an ip firewall in. (alternatively host the pop3 somewhere that has cheap data charges) -- ت -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] rewrite incorrect date headers from email clients
1: By simply dropping the date header and inserting a new with the
server time. Problem solved. If the header was correct, it will still
be correct when replaced.
2: Yeah, but many clients handle date: header astonishly bad too. For
example sorting the email by date: header instead of actual received
date, which messes up sorting if the date: header in mail is just a
few hours or Days off. So fixing the date: header is a good thing,
both when sending and receiving emails. Makes every client happy. And
if there is doubt about the email's actual transmit date, its easy to
check in the headers anyways and use the Received: lines to find out
if any delay happened.
3: naah.
So I solved it with a ACL similiar to this:
accept
condition = ${if def:h_date:{yes}{no}}
remove_header = date
add_header = Date: $tod_full
accept
add_header = Date: $tod_full
The first one deletes any old date header and inserts a new date
header with the server time.
The second one just inserts a date header if the original mail misses one.
2018-05-27 0:09 GMT+02:00 Evgeniy Berdnikov via Exim-users
:
> On Sat, May 26, 2018 at 09:52:28PM +0200, Sebastian Nielsen via Exim-users
> wrote:
>> How I do to rewrite the date header from email clients in exim4 config
>> so it are replaced with the server date/time?
>>
>> The problem is that some clients and software are submitting an
>> incorrect date header (like 1 jan 1960) causing the email to be
>> delivered to the bottom of user's clients and sometimes sorted as spam
>> due to the incorrect date.
>>
>> So I would want to replace the incorrect header with an correct one
>> fetched from the server time.
>> How can this be accomplished?
>
> 1. It's not clear how you would decide that date header is incorrect.
> Which creteria would be used for such decision?
>
> 2. Header rewriting means delivery of wrong (false) information to
> recipient, that is a Bad Thing. If you want to deliver a mail with
> "correct date", you have better to make a special mail message
> for user and attach a copy of the original mail to it.
>
> 3. Alternative approach is to reject mails with incorrect date header.
> There is no problem to write ACL which check, for example, presence
> of current year in date header, as "2018" substring. Do not forget
> to reject with some informative message for sender, say, "This message
> was rejected because it has invalid date header "$h_date:"".
> --
> Eugene Berdnikov
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] rewrite incorrect date headers from email clients
On Sat, May 26, 2018 at 09:52:28PM +0200, Sebastian Nielsen via Exim-users wrote: > How I do to rewrite the date header from email clients in exim4 config > so it are replaced with the server date/time? > > The problem is that some clients and software are submitting an > incorrect date header (like 1 jan 1960) causing the email to be > delivered to the bottom of user's clients and sometimes sorted as spam > due to the incorrect date. > > So I would want to replace the incorrect header with an correct one > fetched from the server time. > How can this be accomplished? 1. It's not clear how you would decide that date header is incorrect. Which creteria would be used for such decision? 2. Header rewriting means delivery of wrong (false) information to recipient, that is a Bad Thing. If you want to deliver a mail with "correct date", you have better to make a special mail message for user and attach a copy of the original mail to it. 3. Alternative approach is to reject mails with incorrect date header. There is no problem to write ACL which check, for example, presence of current year in date header, as "2018" substring. Do not forget to reject with some informative message for sender, say, "This message was rejected because it has invalid date header "$h_date:"". -- Eugene Berdnikov -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
I don't reject invalid HELO's or invalid rDNS and get very Little
spam, because I just ban all those shitty TLDs.
I have found out that most spam uses those new shitty TLDs so just
banning these shitty TLDs in the MIME from and MAIL from is a good
solution:
MAIL from stage:
deny
message = Banned TLD
sender_domains =
^(?i).*\\.(study|reise|technology|club|fun|bid|store|top|xyz|pro|date|faith|stream|host|loan|download|click|link|science|design|gdn|men|win|party|webcam|rocks|email|life|ninja|online|racing|review|site|trade|vividal|website|works|work|cricket|help|camera|computer|space|uno|tech|news|space|guru|berlin|photography|global|today|solutions|media|world|university|shop)\$
then one for Mime from stage:
deny
message = Banned TLD in MIME From ($h_from:)
condition = ${if match
{$h_from:}{^(?i).*\\.(study|reise|technology|club|fun|bid|store|top|xyz|pro|date|faith|stream|host|loan|download|click|link|science|design|gdn|men|win|party|webcam|rocks|email|life|ninja|online|racing|review|site|trade|vividal|website|works|work|cricket|help|camera|computer|space|uno|tech|news|space|guru|berlin|photography|global|today|solutions|media|world|university|shop)>\$}{yes}{no}}
That solves most current spam problems.
2018-05-26 23:24 GMT+02:00 Always Learning via Exim-users :
>
> On Sat, 2018-05-26 at 09:03 +0200, Luca Bertoncello wrote:
>
>> Well, unfortunately this address catches many Spam/junk E-Mails and, of
>> course, my Exim (4.88) tries to forward them.
>> Virus are blocked and will __NOT__ be forwarded, but Spam is some other and,
>> of course, I cannot be sure if an E-Mail is Spam or not, so I have to forward
>> it...
>
> I disagree, based on my 9? years of happy, contented and grateful usage
> of Exim.
>
> If you reject emails from MTAs having no rDNS or no resolving HELO (or
> EHLO) names or having a HELO name that is different from the sending
> MTA's host name, most of your spam will not reach your users.
>
> I then take additional Exim-based spam-repulsion activities and only get
> ONE spam perhaps every few weeks, despite having 5 incoming MTAs in 3
> countries.
>
> Do not do nothing and let yourself become a willing victim of spam.
>
>
> --
> Kind regard,
>
> Paul.
> England, EU. England's place is in the European Union.
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
On Sat, 2018-05-26 at 09:03 +0200, Luca Bertoncello wrote: > Well, unfortunately this address catches many Spam/junk E-Mails and, of > course, my Exim (4.88) tries to forward them. > Virus are blocked and will __NOT__ be forwarded, but Spam is some other and, > of course, I cannot be sure if an E-Mail is Spam or not, so I have to forward > it... I disagree, based on my 9? years of happy, contented and grateful usage of Exim. If you reject emails from MTAs having no rDNS or no resolving HELO (or EHLO) names or having a HELO name that is different from the sending MTA's host name, most of your spam will not reach your users. I then take additional Exim-based spam-repulsion activities and only get ONE spam perhaps every few weeks, despite having 5 incoming MTAs in 3 countries. Do not do nothing and let yourself become a willing victim of spam. -- Kind regard, Paul. England, EU. England's place is in the European Union. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] rewrite incorrect date headers from email clients
On 26/05/18 20:52, Sebastian Nielsen via Exim-users wrote: > How I do to rewrite the date header from email clients in exim4 config > so it are replaced with the server date/time? > > The problem is that some clients and software are submitting an > incorrect date header (like 1 jan 1960) causing the email to be > delivered to the bottom of user's clients and sometimes sorted as spam > due to the incorrect date. > > So I would want to replace the incorrect header with an correct one > fetched from the server time. > How can this be accomplished? > Your main problem will be deciding when to do this. Date/time formats are notoriously fluid. However, once you've made that decision, remove-header and add-header operations are available in ACLs. Look in the ACL chapter in the manual. Obviously for the add you will need to construct something; look at the string-expansions chapter. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] rewrite incorrect date headers from email clients
How I do to rewrite the date header from email clients in exim4 config so it are replaced with the server date/time? The problem is that some clients and software are submitting an incorrect date header (like 1 jan 1960) causing the email to be delivered to the bottom of user's clients and sometimes sorted as spam due to the incorrect date. So I would want to replace the incorrect header with an correct one fetched from the server time. How can this be accomplished? -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
On 26/05/18 15:05, Luca Bertoncello via Exim-users wrote: > Well, this "info@"-address is a forward to many recipients, not just one... Oh, a mail-exploder. OK, no cutthrough routing possible. This is effectively a mailinglist, and you need to put real effort into curating it. Things like: on the slightest evidence of dodgyness - including, but not limited to, bad rDNS, bad HELO, bad dnsbl, bad sender-verify-callout, perhaps even unwhitelisted-senders - divert to a quarantine queue for manual vetting. And consider just rejecting on those grounds, too. Or, as Lena suggests, for Google use a POP-sucker rather than SMTP forwarding. But that means telling Google some credentials for your box, and providing POP access (I strongly suggest you create a/some dedicated account(s) for that, with the credentials not used for any other purpose). We are, of course, assuming you have control of the Google account(s) concerned. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
Jeremy Harris via Exim-users schrieb: > But you're better-off never accepting the message. Consider doing > cutthrough-routing for these; this means that if the site you are > forwarding to (Google) refuses the message even as late as after-data > (which, given they need to analyse the body, is likely) then so do you > (for the originator talking to you). Well, this "info@"-address is a forward to many recipients, not just one... I could refuse the message if at least one recipient will refuse it. This would like me. Now the very question: how can I do that? Thank you for your help! Regards Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
> I have an "info@"-address that forwards the E-Mails to other > addresses, some on them outside my servers. > > Well, unfortunately this address catches many Spam/junk E-Mails and, of > course, my Exim (4.88) tries to forward them. > Virus are blocked and will __NOT__ be forwarded, but Spam is some other and, > of course, I cannot be sure if an E-Mail is Spam or not, so I have to forward > it... No, you haven't to forward it. You can deliver to a local mailbox (or several mailboxes) and configure your mail clients to download mail from those mailboxes via POP3 or IMAP. > some recipient (in this case: Google) refuse some E-Mail if they are > Spam (in the "mind" of Google) Gmail also can download via POP3. By forwarding spam to Google, you harm reputation of your server. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
Re: [exim] Avoiding bounces
On 26/05/18 08:03, Luca Bertoncello via Exim-users wrote: > My problem: I have an "info@"-address that forwards the E-Mails to other > addresses, some on them outside my servers. > > Well, unfortunately this address catches many Spam/junk E-Mails and, of > course, my Exim (4.88) tries to forward them. > Virus are blocked and will __NOT__ be forwarded, but Spam is some other and, > of course, I cannot be sure if an E-Mail is Spam or not, so I have to forward > it... > > Now, some recipient (in this case: Google) refuse some E-Mail if they are > Spam (in the "mind" of Google), so a bounce will generated. > All correct, but... But you're better-off never accepting the message. Consider doing cutthrough-routing for these; this means that if the site you are forwarding to (Google) refuses the message even as late as after-data (which, given they need to analyse the body, is likely) then so do you (for the originator talking to you). > ... sometimes the E-Mail __IS__ spam and the sender cannot be contacted since > his server refuse my bounces. > It results in many bounces in my Exim-queue. This is where sender-verify callouts are useful, despite some people regarding them as bad. But if you're doing cutthrough you don't even need that. > Now the question: can I configure Exim to simply delete these bounces > (identified by refused from Google)? The trick is to never accept these messages, so that no bounce is generated. -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
[exim] Avoiding bounces
Hi list! My problem: I have an "info@"-address that forwards the E-Mails to other addresses, some on them outside my servers. Well, unfortunately this address catches many Spam/junk E-Mails and, of course, my Exim (4.88) tries to forward them. Virus are blocked and will __NOT__ be forwarded, but Spam is some other and, of course, I cannot be sure if an E-Mail is Spam or not, so I have to forward it... Now, some recipient (in this case: Google) refuse some E-Mail if they are Spam (in the "mind" of Google), so a bounce will generated. All correct, but... ... sometimes the E-Mail __IS__ spam and the sender cannot be contacted since his server refuse my bounces. It results in many bounces in my Exim-queue. Now the question: can I configure Exim to simply delete these bounces (identified by refused from Google)? And of course, how can I mark the E-Mail as "refused from Google"? Thanks a lot Luca Bertoncello (lucab...@lucabert.de) -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
