Nigel Metheringham edited this page Nov 25, 2012 · 1 revision
Clone this wiki locally

This HOW-TO describes how to add abuse information to each email message processed by the Exim MTA. The file can be downloaded at

This method requires the zcw program from CyberAbuse located at:

to be installed on your harddrive. The whoip script assumes zcw is in /usr/local/bin

Be sure you copy the whoip script included in this distribution to your /usr/exim folder.

Compile the addtag program and copy it to /usr/local/bin or to /usr/exim whichever is more convienent for you. The whoip script assumes it is in /usr/local/bin

Compile and copy with:

{{{./COMPILE cp addtag /usr/local/bin}}}

Add the below lines above your postmaster and abuse sections:

{{{### Add abuse info to the message

warn condition = \${if !def:h_X-AbuseInfo01:}

set acl_m3 = \${run{/usr/exim/whoip \$sender_host_address}} message = \$acl_m3}}}

Restart your Exim and it will now begin tagging all mail with abuse information.

Exim will now insert something like this into each email processed: {{{X-AbuseInfo01: IP range : - X-AbuseInfo02: Network name : CHEVRON X-AbuseInfo03: Infos : Chevron Corporation X-AbuseInfo04: Infos : 6001 Bollinger Canyon Road X-AbuseInfo05: Infos : San Ramon X-AbuseInfo06: Infos : CA X-AbuseInfo07: Infos : 94583-2324 X-AbuseInfo08: Country : United States (US) X-AbuseInfo09: Abuse E-mail : X-AbuseInfo10: Source : ARIN}}}