LOCAL_CONFIG Fw/etc/vdomain.cw Kvdomain hash /etc/vdomain # list of people who like spam F{fools} /etc/WantSpam # list of known spammers Kjunk hash -a@JUNK /etc/spammers # List of network addresses we will relay for F{LocalIP} /etc/LocalIP # List of outside domains we will relay to F{RelayTo} /etc/RelayTo LOCAL_RULE_0 R$* $: $>vmap $1 # Since we do this so much, a rule to map virtual domain addresses into # local user addresses. Svmap R$+ < @ $+ . > $: $1 < @ $2 > . R$+ < @ $+ > $* $: $(vdomain $1@$2 $: $1 < @ $2 > $3 $) R$+ < @ $+ > $* $: $(vdomain $2 $: $1 < @ $2 > $3 $) R$+ < @ $+ > . $: $1 < @ $2 . > # Antispam rules follow. # First the junk rule. This looks up an address in the spammer database. # The return will be an error message with "@JUNK" appended. Sjunk R$* $: $(junk $1$) look for host in spammer list R$+@JUNK $@ $1@JUNK return message if found R@JUNK $@ Spam refused @JUNK generic message R$-.$+ $: $1 . $>junk $2 retry skipping lead subdomain R$-.$+@JUNK $@ $2@JUNK return message if found # Now the junkIP rule, which works the same but takes an IP address. SjunkIP R$* $: $(junk $1$) look for host in spammer list R$+@JUNK $@ $1@JUNK return message if found R@JUNK $@ Spam refused @JUNK generic message R$+.$- $: $2 . $>junkIP $1 retry without trailing number R$-.$+@JUNK $@ $2@JUNK return message if found R$-.$+ $@ $2.$1 fix order if not spammer # Disallow mail in-transit unless it is from or to one of our systems, # or to a domain listed in /etc/vdomain.cf, # or from an IP address listed in /etc/LocalIP. # or to a domain named in /etc/RelayTo Scheck_rcpt R$* $: $>vmap $>3 $1 normalize address # Refuse to relay mail between nonlocal systems R$* $: $(dequote "" $&{client_addr} $) $| $1 R0 $| $* $@ ok no client addr: directly invoked R$={LocalIP}$* $| $* $@ ok from here R$* $| $* $: $2 not from local, check recipient R$*<@$=w.>$* $>3 $1 $3 remove our aliases, maybe repeatedly R$*<@$*$={RelayTo}.>$* $>3 $1 $4 remove domains we relay to # still something left? R$*<@$+>$* $#error $@ 5.5.4 $: "554 we do not relay from " $&{client_name} " to " $1@$2$3 # Allow mail to fools who like spam, and otherwise block spammers R$={fools} $@ ok recipient listed as wanting spam # Block by host or domain name R$* $: $(dequote "" $&{client_name} $) R$* $: $>junk $1 R$*@JUNK $#error $@ 5.5.4 $: "554 " $1 ": " $&{client_name} # Block by network or host IP address R$* $: $(dequote "" $&{client_addr} $) R$* $: $>junkIP $1 R$*@JUNK $#error $@ 5.5.4 $: "554 " $1 ": " $&{client_addr} # Block by specific email address R$* $: $(dequote "" $&f $) R$* $: $>junk $1 R$*@JUNK $#error $@ 5.5.4 $: "554 " $1 ": " $&f R$* @ $* $: $1 @ $>junk $2 R$* @ $*@JUNK $#error $@ 5.5.4 $: "554 " $2 ": " $&f # Block mail from invalid addresses R$* $: $>3 $1 make domain canonical R$* < @ $+ .> $* $@ ok name resolved ok # Killer case -- single token domain R$* < @ $- > $* $#error $@ 5.5.1 $: "551 Invalid host name: " $2 # Delay case -- domain doesn't resolve R$* < @ $+ > $* $#error $@ 4.5.1 $: "451 Unknown domain: " $2