Skip to content

Instantly share code, notes, and snippets.

@ryancdotorg
Created April 24, 2023 10:15
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ryancdotorg/28ff54f12b803a072a22ed6910501b91 to your computer and use it in GitHub Desktop.
Save ryancdotorg/28ff54f12b803a072a22ed6910501b91 to your computer and use it in GitHub Desktop.
exim acl to block address verification services
# WARNING: These rules may cause your email addresses to be rejected by various
# services and/or flagged as potentially fraudulent. Care has been taken to make
# these rules as precise as possible, but there may be false positives. I take
# no responsibility for what happens if you use these rules.
# defer address validation attempts
defer
message = Please try later
log_message = everify probe (ip)
condition = ${if match_ip{$sender_host_address}{185.31.204.0/22}}
defer
message = Please try later
log_message = zerobounce probe (spf generic)
condition = ${if forany\
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\
{match{$item}{\N^v=spf1\s+(?:a\s+|mx\s+){0,2}(([+]?ip4:\d+\.\d+\.\d+\.)\d+(\s+\2\d+){3}\s+([+]?ip4:\d+\.\d+\.\d+\.)\d+(\s+\4\d+){3}|(([+]?ip4:\d+\.\d+\.)\d+(\.\d+/30)\s+\7\d+\8))(\s+include:_spf\.google\.com)?\s+-all$\N}}\
{yes}{no}\
}
defer
message = Please try later
log_message = zerobounce probe (spf eight ip)
condition = ${if forany\
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\
{match{$item}{\N^v=spf1\s+(ip4:\d+\.\d+\.\d+\.)\d+( \1\d+){3} (ip4:\d+\.\d+\.\d+\.)\d+( \3\d+){3}\s+-all$\N}}\
{yes}{no}\
}
defer
message = Please try later
log_message = zerobounce probe (spf two slash thirty)
condition = ${if forany\
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\
{match{$item}{\N^v=spf1\s+(ip4:\d+\.\d+\.)\d+(\.\d+/30) \1\d+\2\s+-all$\N}}\
{yes}{no}\
}
defer
message = Please try later
log_message = strikeiron probe
condition = ${if eq {${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}{v=spf1 mx -all}}
condition = ${if eq {${lookup dnsdb{>, defer_never,mx=$sender_address_domain}}}{10 mx.$sender_address_domain}}
condition = ${if match {${lookup dnsdb{>, defer_never,ns=$sender_address_domain}}}{\Nns[1-9]?[.]gkg[.]net,\N}}
condition = ${if match {${lookup dnsdb{>:,; defer_never,soa=$sender_address_domain}}}{\N;root[.]\N}}
# defer
# message = Please try later
# log_message = csc probe
# condition = ${if match{$sender_address_domain}{\N^[a-z]{3}\d\d(\.[a-z0-9-]){2,8}$\N}}
# condition = ${if eq {${lookup dnsdb{>, defer_never,mx=$sender_address_domain}}}{10 $sender_address_domain}}
# condition = ${if forany\
# {<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\
# {match{$item}{^v=spf1\s+a\s+mx\s+ptr\s+ip4:$sender_host_address\s+mx:$sender_address_domain\s+-all$}}\
# {yes}{no}\
# }
# condition = ${if match {${lookup dnsdb{>:,; defer_never,soa=$sender_address_domain}}}{\N;hostmaster[.]cscdns[.]net[.]\N}}
defer
message = Please try later
log_message = hubuco probe
condition = ${if eq {$sender_address_domain}{hubucoapp.com}}
# origindata.com
# slice-7.verslice.com
defer
message = Please try later
log_message = misc validation probe
sender_domains = send-now.net : vitorena.com : universalsynch.com : kickboxio.net : crowdxl.com : cm2.debounce.io
defer
message = Please try later
log_message = audise probe
condition = ${if match {$sender_address_domain}{\N[.]audise[.]com$\N}}
defer
message = Please try later
log_message = towerdata probe
hosts = 67.227.81.0/24 : 67.227.86.0/24 : 67.227.90.0/23 : 67.227.92.0/23 : 67.227.94.0/23
condition = ${if match {$sender_address}{\Ngandalf@\w+\.\w+\.\w+$\N}}
condition = ${if eq {$sender_address}{gandalf@$sender_helo_name}}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment