Am using the /etc/antivirus.exim file to filter out some persistant spammers.
Got a few servers that should work with the exact same antivirus.exim file.
Question - How could I get the antivirus.exim file to reference a web page, e.g. something like http://domain.com/filter.txt
I would guess that I will need to cron a shell script to go out and bring in filter.txt every-so-many-minutes, then replace the content of antivirus.exim with the content of http://domain.com/filter.txt
But I am hard pressed to find any scripting example of this kind of thing.
Anyone?
----
By the way, if this helps anyone, here is my current antivirus.exim file which seems to lower the spam rate by some degree:
# Exim filter
if error_message then finish endif
if
$message_headers contains "tpnet.pl"
or $header_subject contains "SEXUALLY-EXPLICIT"
or $message_body contains "tzakol"
or $message_body contains "LegalRX"
or $message_body contains "Anatrim"
or $message_body contains "PostCard.exe"
or $message_body contains "go.ro"
or $message_body contains "Viagra"
or $message_body contains "viagra"
or $message_body contains "Stocks Alert"
or $message_body contains "St0ck"
or $message_body contains "H0T NEWS"
or $message_body contains "Str0ng Buy"
or $message_body contains "businesswire"
or $message_body contains "BUSINESS WIRE"
or $message_body contains "phentermine"
or $message_body contains "Phentermine"
or $message_body contains "your meds"
then
save "/dev/null" 660
endif
------------------------------------
Follow up question ---> Does anyone know of a way that I could make these rules caseUNsensitive, i.e. so I would not need two or more rules to cover caps, like this:
or $message_body contains "Viagra"
or $message_body contains "viagra"
Got a few servers that should work with the exact same antivirus.exim file.
Question - How could I get the antivirus.exim file to reference a web page, e.g. something like http://domain.com/filter.txt
I would guess that I will need to cron a shell script to go out and bring in filter.txt every-so-many-minutes, then replace the content of antivirus.exim with the content of http://domain.com/filter.txt
But I am hard pressed to find any scripting example of this kind of thing.
Anyone?
----
By the way, if this helps anyone, here is my current antivirus.exim file which seems to lower the spam rate by some degree:
# Exim filter
if error_message then finish endif
if
$message_headers contains "tpnet.pl"
or $header_subject contains "SEXUALLY-EXPLICIT"
or $message_body contains "tzakol"
or $message_body contains "LegalRX"
or $message_body contains "Anatrim"
or $message_body contains "PostCard.exe"
or $message_body contains "go.ro"
or $message_body contains "Viagra"
or $message_body contains "viagra"
or $message_body contains "Stocks Alert"
or $message_body contains "St0ck"
or $message_body contains "H0T NEWS"
or $message_body contains "Str0ng Buy"
or $message_body contains "businesswire"
or $message_body contains "BUSINESS WIRE"
or $message_body contains "phentermine"
or $message_body contains "Phentermine"
or $message_body contains "your meds"
then
save "/dev/null" 660
endif
------------------------------------
Follow up question ---> Does anyone know of a way that I could make these rules caseUNsensitive, i.e. so I would not need two or more rules to cover caps, like this:
or $message_body contains "Viagra"
or $message_body contains "viagra"