Created
April 24, 2023 10:15
-
-
Save ryancdotorg/28ff54f12b803a072a22ed6910501b91 to your computer and use it in GitHub Desktop.
exim acl to block address verification services
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# WARNING: These rules may cause your email addresses to be rejected by various | |
# services and/or flagged as potentially fraudulent. Care has been taken to make | |
# these rules as precise as possible, but there may be false positives. I take | |
# no responsibility for what happens if you use these rules. | |
# defer address validation attempts | |
defer | |
message = Please try later | |
log_message = everify probe (ip) | |
condition = ${if match_ip{$sender_host_address}{185.31.204.0/22}} | |
defer | |
message = Please try later | |
log_message = zerobounce probe (spf generic) | |
condition = ${if forany\ | |
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\ | |
{match{$item}{\N^v=spf1\s+(?:a\s+|mx\s+){0,2}(([+]?ip4:\d+\.\d+\.\d+\.)\d+(\s+\2\d+){3}\s+([+]?ip4:\d+\.\d+\.\d+\.)\d+(\s+\4\d+){3}|(([+]?ip4:\d+\.\d+\.)\d+(\.\d+/30)\s+\7\d+\8))(\s+include:_spf\.google\.com)?\s+-all$\N}}\ | |
{yes}{no}\ | |
} | |
defer | |
message = Please try later | |
log_message = zerobounce probe (spf eight ip) | |
condition = ${if forany\ | |
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\ | |
{match{$item}{\N^v=spf1\s+(ip4:\d+\.\d+\.\d+\.)\d+( \1\d+){3} (ip4:\d+\.\d+\.\d+\.)\d+( \3\d+){3}\s+-all$\N}}\ | |
{yes}{no}\ | |
} | |
defer | |
message = Please try later | |
log_message = zerobounce probe (spf two slash thirty) | |
condition = ${if forany\ | |
{<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\ | |
{match{$item}{\N^v=spf1\s+(ip4:\d+\.\d+\.)\d+(\.\d+/30) \1\d+\2\s+-all$\N}}\ | |
{yes}{no}\ | |
} | |
defer | |
message = Please try later | |
log_message = strikeiron probe | |
condition = ${if eq {${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}{v=spf1 mx -all}} | |
condition = ${if eq {${lookup dnsdb{>, defer_never,mx=$sender_address_domain}}}{10 mx.$sender_address_domain}} | |
condition = ${if match {${lookup dnsdb{>, defer_never,ns=$sender_address_domain}}}{\Nns[1-9]?[.]gkg[.]net,\N}} | |
condition = ${if match {${lookup dnsdb{>:,; defer_never,soa=$sender_address_domain}}}{\N;root[.]\N}} | |
# defer | |
# message = Please try later | |
# log_message = csc probe | |
# condition = ${if match{$sender_address_domain}{\N^[a-z]{3}\d\d(\.[a-z0-9-]){2,8}$\N}} | |
# condition = ${if eq {${lookup dnsdb{>, defer_never,mx=$sender_address_domain}}}{10 $sender_address_domain}} | |
# condition = ${if forany\ | |
# {<, ${lookup dnsdb{>, defer_never,txt=$sender_address_domain}}}\ | |
# {match{$item}{^v=spf1\s+a\s+mx\s+ptr\s+ip4:$sender_host_address\s+mx:$sender_address_domain\s+-all$}}\ | |
# {yes}{no}\ | |
# } | |
# condition = ${if match {${lookup dnsdb{>:,; defer_never,soa=$sender_address_domain}}}{\N;hostmaster[.]cscdns[.]net[.]\N}} | |
defer | |
message = Please try later | |
log_message = hubuco probe | |
condition = ${if eq {$sender_address_domain}{hubucoapp.com}} | |
# origindata.com | |
# slice-7.verslice.com | |
defer | |
message = Please try later | |
log_message = misc validation probe | |
sender_domains = send-now.net : vitorena.com : universalsynch.com : kickboxio.net : crowdxl.com : cm2.debounce.io | |
defer | |
message = Please try later | |
log_message = audise probe | |
condition = ${if match {$sender_address_domain}{\N[.]audise[.]com$\N}} | |
defer | |
message = Please try later | |
log_message = towerdata probe | |
hosts = 67.227.81.0/24 : 67.227.86.0/24 : 67.227.90.0/23 : 67.227.92.0/23 : 67.227.94.0/23 | |
condition = ${if match {$sender_address}{\Ngandalf@\w+\.\w+\.\w+$\N}} | |
condition = ${if eq {$sender_address}{gandalf@$sender_helo_name}} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment