AddingAbuseInfo

Nigel Metheringham edited this page Nov 25, 2012 · 1 revision
Clone this wiki locally

This HOW-TO describes how to add abuse information to each email message processed by the Exim MTA. The file can be downloaded at http://tanaya.net/DynaStop/EximAbuse.tgz

This method requires the zcw program from CyberAbuse located at:

http://www.fr1.cyberabuse.org/whois/?page=downloads

to be installed on your harddrive. The whoip script assumes zcw is in /usr/local/bin

Be sure you copy the whoip script included in this distribution to your /usr/exim folder.

Compile the addtag program and copy it to /usr/local/bin or to /usr/exim whichever is more convienent for you. The whoip script assumes it is in /usr/local/bin

Compile and copy with:

{{{./COMPILE cp addtag /usr/local/bin}}}

Add the below lines above your postmaster and abuse sections:

{{{### Add abuse info to the message

warn condition = \${if !def:h_X-AbuseInfo01:}

set acl_m3 = \${run{/usr/exim/whoip \$sender_host_address}} message = \$acl_m3}}}

Restart your Exim and it will now begin tagging all mail with abuse information.

Exim will now insert something like this into each email processed: {{{X-AbuseInfo01: IP range : 146.22.0.0 - 146.46.255.255 X-AbuseInfo02: Network name : CHEVRON X-AbuseInfo03: Infos : Chevron Corporation X-AbuseInfo04: Infos : 6001 Bollinger Canyon Road X-AbuseInfo05: Infos : San Ramon X-AbuseInfo06: Infos : CA X-AbuseInfo07: Infos : 94583-2324 X-AbuseInfo08: Country : United States (US) X-AbuseInfo09: Abuse E-mail : hostmaster@chevrontexaco.com X-AbuseInfo10: Source : ARIN}}}