DNSBLS blacklists (such as spamhaus.org) will reduce your spam A LOT! In Exim4 this is almost trivial.
Go into “/etc/exim4/exim4.conf.template” and look for the stanza
.ifdef CHECK_RCPT_IP_DNSBLS warn message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text) dnslists = CHECK_RCPT_IP_DNSBLS .endif
This will put a warning message on any emails that come in which match a record found in your DNSBLS service(s). Personally I change the “warn” to “deny”. I don't want to see their junk at all. In FACT, I also change the “message” tag above to
message = 550 Unrouteable address : User unknown\n\ Write "postmaster" for questions
Seriously… why TELL the spammer that they're blacklisted? Just tell them that the user doesn't exist - maybe you'll be removed from their list…
To actually specify your DNSBLS services, you'll need to add a line like this
CHECK_RCPT_IP_DNSBLS = sbl-xbl.spamhaus.org:dnsbl.sorbs.net:combined.njabl.org:bl.spamcop.net:psbl.surriel.com
somewhere in your “/etc/exim4/exim4.conf.template” file. Personally I put it just BEFORE the “begin acl” statement since exim4 will complain if you put it INSIDE of the ACL checking stanzas.
You should search for different DNSBLS services out there.
Note that you can start a “fake” SMTP session to see if a certain IP address will be rejected by issuing the following command:
exim4 -bh [IP address]
where [IP address] is the IP address that you can pull from one of those spam messages that you have been receiving. This will start a test SMTP session. Now type the following commands:
ehlo assholespammer.com MAIL FROM:somejerk@assholespammer.com RCPT TO:john@yourdomain.com
Hopefully you'll get rejected. Try looking around for other DNSBLS servers (by using blacklisting I have an account that went from about 50 spam per day to just 1!). This, coupled with SpamAssassin, should give you some good results.
mxtoolbox