Filter Spam Image question


Well-Known Member
Oct 6, 2001

is there something like qmail have filter domain have mx or not.

"511 sorry, can't find a valid MX for sender domain"

i have search some exim website , find this.

Is it work for my exim ?

I want to check sender MX , if no mx with the vaild ip (match sender server ip) , then del the message.(i think this can filter most of spam)

A lot of zombie ISPs don't have a MX. And therefore no abuse address either. Below an experimental test to see if they have one and if it is a hostname. If the host is 'a.b.c.d.e' it will first try 'd.e', then 'c.d.e' and finally 'b.c.d.e'. If none if these result in a hostname, the mail is rejected.
'mxh' gives you teh MX-es without their preferences. '>:' replaces the newlines in the results with colons (':').
# Check host's MX domain
# Looks for mx for host a.b.c.d.e
# First check d.e, then c.d.e and then b.c.d.e
deny message = No MX for host $sender_host_name domain See See
hosts = ! : !+relay_from_hosts
# Put lookup result in variable
set acl_m8 = ${lookup dnsdb {>: mxh=\
${extract{-2}{.}{$sender_host_name}}.${extract{-1}{.}{$sender_host_name}} : \
${extract{-1}{.}{$sender_host_name}} : \
# Test content of variable; The MX has to be a hostname.
condition = ${if !match {$acl_m8}{\N.*[A-Za-z].*\..*[A-Za-z].*\N}{yes}{no}}

If all went well '$acl_m8' will now contain a number of hosts separated by colons. The next thing to do is to check if these resolve to IP addresses. None of the addresses should be in use on your lan. Edit to suit your needs (don't forget to replace '192.168.1.' and '' with your own IP address(es)).
deny message = Bogus MX for host $sender_host_name domain See See
hosts = ! : !+relay_from_hosts
set acl_m8 = ${lookup dnsdb {a=$acl_m8}{$value}fail}
condition = ${if \
{!match {$acl_m8}{\N[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}\N}}\
{match {$acl_m8}{\N127\.0\.0\.1\N}}\
{match {$acl_m8}{\N192\.168\.1\.[0-9]{1,3}\N}}\
{match {$acl_m8}{\N213\.84\.159\.78\N}}\

In some cases however, the remote host DOES accept SMTP connections. You may add these to a whitelist.

is this work?