File Name
<h1>Easy Spam Fighter</h1>
Credit to <a target=_blank href=",_reliable_spam_fighting_with_Exim">,_reliable_spam_fighting_with_Exim</a><br>
this version has been modified for use with a DirectAdmin System.<br>
It requires a minimum of exim.conf 4.3.x and 20<br>
It also requires exim be compiled with EXPERIMENTAL_SPF, which can be confirmed with:<br>
<textarea readonly cols=180 rows=1>exim -bV | grep ^SPF</textarea><br><br>

CustomBuild 2.0 has been updated to add this to the Makefile at compile time if:<br>
is set in the options.conf:<br>
<a target=_blank href="">Recompile Exim</a><br>


See this guide for automated CustomBuild 2.0 install:<br>
<a target=_blank href=""></a><br>

See the forum for issues or questions:<br>
<a target=_blank href=""></a><br>


The Easy Spam Fighter (simplied wording from "Easy, Reliable, Spam Fighting, with Exim")
is a set of exim ACLs that do various checks, and any check that returns a result (possible spam)
it then increases the score (saved and incremented in $acl_m_easy69)
At the end of the DATA ACL, if the score is below the limit, run a basic smtp-time SpamAssassin call
and add the "int_score to acl_m_easy69. (eg: 2.7 has int score of 27)
If already above the limit, don't bother running SpamAssassin, as it will be spam already.
This last skip will save CPU processing.
After all that, if the score is above a threshold, the message is rejected, at SMTP-time, and it never enters your queue.
If it's below the threshold, multiple headers are added to explain each score.<br>


-- variables.conf<br>
If you want to customize the file, create your own file:<br>
-- variables.conf.custom, and set only the values in this file as desired, and they'll override the defaults. You must use <a href=''>double == in this file</a>, and issue ./build exim_conf to merge to the main conf.<br>
<textarea readonly cols=180 rows=16>
EASY_LIMIT = 55 - max score before an email is considered spam before SA is rung (main purpose is just to decide if SpamAssassin run is needed)
EASY_IS_SPAM = 20 - this is a nudge score. If SpamAssass determines it's spam (based on the User threshold), this extra score is added, on top of the spam_score_int
EASY_HIGH_SCORE_DROP = 100 - very high scoring spam is dropped at this score, and not allowed to enter.
EASY_SPF_PASS = -30 - If the SPF passes, the score drops by this amount
EASY_SPF_SOFT_FAIL = 30 - If the SPF hits a softfail from ~all, this score is added.
EASY_SPF_FAIL = 100 - If the SPF hits a hard fail from -all: A:EASY_SPF_FAIL>=EASY_HIGH_SCORE_DROP, message is dropped. else B:EASY_SPF_FAIL is added to score.
EASY_DKIM_PASS = -20 - If the DKIM Passes, the score drops by this amount
EASY_DKIM_FAIL = 100 - If the DKIM Fails, the score is added.
EASY_NO_REVERSE_IP = 100 - Sender IP must have a reverse IP lookup, or this score is added.
EASY_FORWARD_CONFIRMED_RDNS = -10 - Sender IP has reverse IP PLUS forward A lookup back to the same IP, so we subtract 10.
EASY_DNS_BLACKLIST = 50 - IP that is in a dns black list (RBL) gets this score
EASY_SPAMASSASSIN_MAX_SIZE = 200K - max size that SpamAssassin will scan.
EASY_SKIP_SENDERS = /etc/virtual/esf_skip_senders - file to hold MAIL FROM addresses that ESF should skip checks for SPF, DKIM. Wildcards allowed.
EASY_SKIP_RECIPIENTS = /etc/virtual/esf_skip_recipients - file to hold RCPT TO addresses that ESF should skip checks for DKIM, RBL. Wildcards allowed.
EASY_SKIP_HOSTS = /etc/virtual/esf_skip_hosts - file to hold reverse IP lookup hostlist that ESF should skip checks for. Wilcards allowed.
EASY_SKIP_IPS = /etc/virtual/esf_skip_ips - file to hold ip list that ESF should skip checks for. Can be or ranges</textarea><br>

-- check_mail.conf<br>
Does the MX dns checks, SPF record checks, and reverse IP check.<br>
-- check_rcpt.conf<br>
Check on the RBLs and add score<br>
-- check_message.conf<br>
will run SpamAssassin if the score is low enough, but above that score, it doesn't bother.<br>
If run, the int spam score is added.<br>
After, the message is decided if it should be dropped.<br>
-- /etc/virtual/esf_skip_senders<br>
file to hold MAIL FROM addresses that ESF should skip checks for SPF, DKIM.<br>
Uses wildlsearch, so can use *<br>
Does not have to exist<br>
-- /etc/virtual/esf_skip_recipients<br>
file to hold RCPT TO addresses that ESF should skip checks for DKIM, RBL.<br>
Uses wildlsearch, so can use *<br>
Does not have to exist<br>