# Database definition Kjunkmail btree /etc/mail/junkmail Scheck_mail # Canonicalize R $* $: $>3 $1 R$*<@$*.> $1<@$2> remove trailing dot, we don't care here # DB lookup on domain R $+ < @ $* > $: $1 < @ $(junkmail $2 $:$2 $) > junk domains # DB lookup for parent (eg. something.junkmail.domain) R $+ < @ $-.$* > $: $1 < @ $(junkmail $3 $:$2.$3 $) > junk subdomains # DB lookup for multiple level parent (eg. something.something.junkmail.domain) R $+ < @ $-.$-.$* > $: $1 < @ $(junkmail $4 $:$2.$3.$4 $) > junk subdomains # Check for explicit match R $+ < @ $* > $: $1 < @ $(junkmail $1@$2 $:$2$) > junk users # If junkmail reject R $* <@ JUNKMAIL> $#error $@ 5.7.1 $: "Sorry, we don't accept junk mail" # If rejecting for some other reason reject R $* <@ REJECT> $#error $@ 5.7.1 $: "Sorry, sending user rejected"The DB then looks like the following:
natureplus.com JUNKMAIL cyberpromo.com JUNKMAIL honey@sweeties.com JUNKMAIL user@screwedup.domain REJECTAs you can see from the rules, the matching has to be made with different numbers of subdomains. This might be a drawback, but it fits for most spammers.
Here is a solution which works in a similar way:
Kjunkone dbm /etc/mail/junkone Kjunktwo dbm /etc/mail/junktwo Kjunkuser dbm /etc/mail/junkuser Scheck_mail # Canonicalize R$* $: $>3 $1 R$+<@$*.> $:$1<@$2> remove trailing dot, we don't care here R$+<@$*$-.$-> $: $1<@ $(junkone $3.$4 $:$2$3.$4$)> junk subdomains R$+<@$*$-.$-.$-> $: $1<@ $(junktwo $3.$4.$5 $:$2$3.$4.$5$)> junk subdomains R$+<@$*> $:$1<@$(junkuser $1@$2 $:$2 $)> junk users R$*<@JUNKMAIL> $#error $@ 5.7.1 $: "550 Sorry, we don't accept junk mail" R$*<@REJECT> $#error $@ 5.7.1 $: "550 Sorry, sending user rejected"I split the database into three different:
junkone/junktwo
contain those which have one/two level(s) in addition to
the toplevel,
junkuser
contains the users. Now there can be an arbitrary
number of subdomains before this, and if there are junk domains with
more than three levels, we have to introduce another database.
junkone:
natureplus.com JUNKMAIL cyberpromo.com JUNKMAIL
junkuser:
honey@sweeties.com JUNKMAIL user@screwedup.domain REJECT
junktwo
is currently empty (no spammer uses such a domain?).