http://linux.ufaras.ru/SendmailACL.html
-----------------------------------------
LOCAL_CONFIG
# Macro
D{Rcpts}0
D{Spam_Check}1
D{Null_Check}0
#For full log to maillog
Ksyslog syslog
Kstorage macro
Kcomp arith
KDenied_IP hash /etc/mail/Denied_IP
KNOSPAM0 regex -a@MATCH tsalenko|alert|workshop|ideal|-job-|rashit|rollover
KSPAM1 regex -a@MATCH ^([[:alnum:]]*)(_+)([[:alnum:]]*)(_+)([[:alnum:]]*)(_+)[[:alnum:]_]*$
KSPA21 regex -a@MATCH movie|woman|discount|astrolog|nomail|ad{1,}res|v.agra|rassylk|anonymous|game|dollar|offer|deal|bonus|casino|re[kc]lam|office|noemail|nouser|sms|prize|sale|job|market|money|cash|shop|xxx|sex|donna|girl|adult|fuck|honey|sweet|porno|playboy|love|lolita|penis|c[0o]ck|kiss|romantic|zhifa|customer|britney|buhuchet|lopez|club|flash|extrem|shit
KSPA22 regex -a@MATCH mexic|prodigy|americano|ondagrup|futbol
KSPAM2 sequence SPA21 SPA22
KSPAM3 regex -a@MATCH ^[[:digit:]]{5,}$
KSPAM4 regex -a@MATCH ^([[:digit:]]+)([-+=._~]+)([[:digit:]]+)[[:alnum:]+=._~-]*$
KNOSPAM01 regex -a@MATCH .*S0-OTT-XSMTP.*.NRCan.gc.ca.*|web.*mail.yahoo.com|btr0x1.rz.uni-|.+ufanet.ru|.+rh.rit.edu|.*adecco.it
KSPAM7 regex -a@MATCH [0-9]+[._-]+[0-9]+[._-]+[0-9]+.+\[.+\]
KSPAM8 regex -a@MATCH ppp|customer|dhcp|dial|cable|modem|adsl|dynamic
KChSb regex -a@CATCHED tsalenko|alert|workshop|ideal|-job-|rashit|rollover
#Was removed: \$$[[:digit:]]+|[[:digit:]]+\$$|цены, рубл, $, dollar
KChSbSpam regex -a@CATCHED language.+center|toefl|game|woman|discount|casino|rassylk|reklam|reclam|prize|sale|cash|bonus|money|game|donna|girl|adult|fuck|honey|sweet|porno|c[0o]ck|play.*boy|\.love|lolita|penis|movie|darling|vi.agra
KChSbSpam2 regex -a@CATCHED [[:digit:]]+%|\.ass\.|\.sex|titt|nude|\.DVD|.+vogue|\.elle|harper's.+bazaar|marie.+claire|astrolog|viagra|fetish|\.oral|shit|topless|orgy|\.suck\.|shop|lesbo|mobil|kiss|\.sms\.|motors|business|english|drink|customer|britney|buhuchet|\.club|lopez
# win-1251:Д[д]еловой|ДЕЛОВОЙ|Р[р]азговорный|РАЗГОВОРНЫЙ|БИЗНЕС|Ббизнес|koi-8:Дделовой|ДЕЛОВОЙ|РАЗГОВОРНЫЙ|Рразговорный|Бизнес|БИЗНЕС|н г л и й с к | Н Г Л И Й С К|язык| а н г л | м е р и к а н с к
KChSbRuSpam1 regex -a@CATCHED Pr6Onx6ujp|zcPLyMnR|3j6\+jp8e|M3Dy8jJ0|DNw8vIydH|Dt4\+vo6fHq|zsfMycrTy|7ufs6erz|7n7Onq8\+v|7HzMnK08v|x8zJytPLy|Hu5\+zp6vP|=CE.*=C7.*=CC.*=C9.*=CA.*=D3.*=CB|=EE.*=E7.*=EC.*=E9.*=EA.*=F3.*=EB|[ГШЙ|[юЮ][мМ][цЦ][кК]|[лЛ].?[еЕ].?[пП].?[хХ].?[йЙ].?[юЮ].?[мМ].?[яЯ].?[йЙ]
# с к и д к | п о д а р | р е к л а м |Научитесь понимать|курс рубл|руководите| с упер| О Т Д Ы Х |аркетинг| ш т а м п | р ынок
KChSbRuSpam3 regex -a@CATCHED [яЯ][йЙ][хХ][дД][йЙ]|[оО][нН][дД][юЮ][пП]|[пП][еЕ][йЙ][кК][юЮ][лЛ]|мЮСВХРЕЯЭ\.ОНМХЛЮРЭ|ЙСПЯ\.ПСАК|ПСЙНБНАХРЕ|[яЯ]СОЕП|[нН][рР][дД][шШ][уУ]|ЮПЙЕРХМЦ|[ьЬ].?[Рр].?[Юю].?[Лл].?[Оо]|[Бб]ШУНД
# ю ридич|утешеств| т ренинг|истрибьют|тратеги| н алог|ухгалтер|ффективны|редлагаем|отрудничеств|отели знать|аш сайт| т ариф| п окуп| п рода|изнес|роизнош |азговор |есплат| к урорт| б а з а(ы) | дДеньг| о птомвм | у чеб| р ассыл
KChSbRuSpam4 regex -a@CATCHED [чЧ]ПХДХВ|СРЕЬЕЯРБ|[рР]ПЕМХМЦ|ХЯРПХАЭЧР|РПЮРЕЦХ|\.[мМ]ЮКНЦ|СУЦЮКРЕП|ТТЕЙРХБМШ|ПЕДКЮЦЮЕЛ|НРПСДМХВЕЯРБ|НРЕКХ\.ГМЮРЭ|ЮЬ\.ЯЮИР|[Рр]ЮПХТ|[оО]НЙСО|[оО]ПНДЮ|ХГМЕЯ|П.*Н.*Х.*Г.*М.*Н.*Ь|Ю.*Г.*Ц.*Н.*Б.*Н.*П|ЕЯОКЮР|[уУ]ЙСЫНР|[аА][юЮ][гГ][юЮшШ]|[Аа]МЭЦХ|[Нн]ОРН[БЛ]|[бБ]МХЛ|[Пп]ЮЯЯШК
KChSbRuSpam5 regex -a@CATCHED юридич|утешеств|[тТ]ренинг|истрибьют|тратегия|ухгалтер|ачальник|тариф|девушк|дисконт|английск|выставк|ярмарк|скидк|распродаж|реклам|знакомств|секс|рассыл|фильм|отд[оы]х|каникул|[Cс]отрудничест|[Пп]редлагаем|[Ээ]ффективн|[оО]тдых
KChSbRuSpam6 regex -a@CATCHED покуп|продаж|изнес|мышлен|произнош|язык|есплатн|курорт|маркетинг|печат|визит|обучение|деньг|опто[мв]|[а]ренда|[Сс]клад|[Оо]фис|[Пп]редлаг|[Пп]редлож|[гГ]р[уy]зчи
KCH1 regex -a@YES outblaze|check1check|mindspring|bigfoot|funnymail|bellsouth.net|tiscali.it|wanadoo.fr|nic.*olastse.(com|net)|videotron.ca|blueyonder|westcall[.]|mailcity[.]|mexico|comcast.net|earthlink.com|libertysurf.net|mozartmail.com|telepac.pt|edomex.com|quintanaroo.com|telia.com|hideakifan.com|icq.com|delphi.com|optonline.net
KCH2 regex -a@YES 216.200.145.37|sunrise.ch|videotron.ca|netvision.net|user.msu.edu|guadalupano.com|chello.nl|midco.net|irex.ru|gmx.de|mexican..com|adelphia.net|telepac.pt|louiskoo.com|rickymail.com|terra.com.br|home.nl|slamdunkfan.com|barak.net.il|client.*attbi.com|concentric.com|mplik.ru|veloxzone.com.br|wartaponsel.com|bezeqint.net
KChHeader sequence CH1 CH2
KCheckRcpt1 regex -n -a@NOLIST1 ^<(adm|.+master|root)@(.*yourdomain\.ru|\[k\.l\.m\.n\]|\[127\.0\.0\.1\]|localhost|localhost.localdomain|your_other_name.ru)>$
KChMId regex -n -a@NOTMY yourdomain\.ru
LOCAL_RULESETS
SLocal_check_rcpt
# empty address?
R<> $#error $@ nouser $: "553 User address required"
R$@ $#error $@ nouser $: "553 User address required"
R$+ $: $(CheckRcpt1 $1 $:$1 $)
R@NOLIST1 $: $(storage {Spam_Check} $@ $&{Null_Check} $)
######################################################################
### Subject, Mailer, Server, Header & Message ID Check
######################################################################
HFrom: $>CheckFrom
SCheckFrom
R$* $: $1 $| <$&{Spam_Check}>
R$* $| <0> $@ OK
R$* $| $* $: $1
R$* $: $(storage {From} $@ $1 $) $1
### Macros $&_ ($&{client_addr} & $&{client_name} checking
R$* $: $(NOSPAM01 $&_ $)
R@MATCH $@ OK
R$* $: $(SPAM7 $&_ $)
R@MATCH $#error $: 553 Sorry, Your relay looks like SPAM7-relay: $&_. If not, please contact the postmaster@yourdomain.ru via another relay-ip.
R$* $: $(SPAM8 $&_ $)
R@MATCH $#error $: 553 Sorry, Your relay looks like SPAM8-relay: $&_. If not, please contact the postmaster@yourdomain.ru via another relay-ip.
R$* $: $&{client_addr}
R$-.$-.$-.$- $: $(Denied_IP $1.$2.$3.$4 $)
RDISCARD $#error $: 553 We get a lot of SPAM9 from your relay-ip: $&{client_addr}. If you are not a spamer, please contact the postmaster@yourdomain.ru via another relay-ip.
### From: checking
R$* $: $&{From}
R$* $: $(syslog $&{From} $) $1
# Clear the macro for the next message
R$* $: $(storage {From} $) $1
R$*<$+@$+> $: $(SPAM2 $3 $: <$2@$3> $)
R@MATCH $#error $: 553 Sorry, Your e-mail address looks like SPAM2 (please see: http://www.yourdomain.ru/postmaster.html ). If not, please contact the postmaster@yourdomain.ru via another e-mail address.
R<$+@$+> $: $(NOSPAM0 $1 $: <$1@$2> $)
R@MATCH $@ OK
R<$+@$+> $: $(SPAM1 $1 $: <$1@$2> $)
R@MATCH $#error $: 553 Sorry, Your e-mail address looks like SPAM1 (please see: http://www.yourdomain.ru/postmaster.html ). If not, please contact the postmaster@yourdomain.ru via another e-mail address.
R<$+@$+> $: $(SPAM2 $1 $: <$1@$2> $)
R@MATCH $#error $: 553 Sorry, Your e-mail address looks like SPAM2 (please see: http://www.yourdomain.ru/postmaster.html ). If not, please contact the postmaster@yourdomain.ru via another e-mail address.
R<$+@$+> $: $(SPAM3 $1 $: <$1@$2> $)
R@MATCH $#error $: 553 Sorry, Your e-mail address looks like SPAM3 (please see: http://www.yourdomain.ru/postmaster.html ). If not, please contact the postmaster@yourdomain.ru via another e-mail address.
R<$+@$+> $: $(SPAM4 $1 $: <$1@$2> $)
R@MATCH $#error $: 553 Sorry, Your e-mail address looks like SPAM4 (please see: http://www.yourdomain.ru/postmaster.html ). If not, please contact the postmaster@yourdomain.ru via another e-mail address.
###
HSubject: $>Check_Subject
SCheck_Subject
R$* $: $1 $| <$&{Spam_Check}>
R$* $| <0> $@ OK
R$* $| $* $: $1
R$+ $: $(ChSb $1 $)
R@CATCHED $@ OK
R$+ $: $(ChSbSpam $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like SPam. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbSpam2 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like SPam2. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbRuSpam1 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like ruSPam1. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbRuSpam3 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like ruSPam3. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbRuSpam4 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like ruSPam4. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbRuSpam5 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like ruSPam5. If not, please contact the postmaster@yourdomain.ru with no subject.
R$+ $: $(ChSbRuSpam6 $1 $)
R@CATCHED $#error $: 553 Sorry, Your subject looks like ruSPam6. If not, please contact the postmaster@yourdomain.ru with no subject.
##################################################
# http://www.softerra.ru/freeos/19480/page1.html #
##################################################
HX-Mailer: $>CheckMailer
HX-Server: $>CheckMailer
SCheckMailer
R$* $: $1 $| <$&{Spam_Check}>
R$* $| <0> $@ OK
R$* $| $* $: $1
RAdvanced Direct Remailer $* $#error $@ 5.7.1 $: "554 Spam (ADR)"
RAdvanced Mass Sender $* $#error $@ 5.7.1 $: "554 Spam (AMS)"
RSpammer $* $#error $@ 5.7.1 $: "554 Spam (Spammer)"
R$* Bomber $* $#error $@ 5.7.1 $: "554 Spam (Bomber)"
RMega-Mailer $* $#error $@ 5.7.1 $: "554 Spam (Mega-Mailer)"
RMMailer $* $#error $@ 5.7.1 $: "554 Spam (MMailer)"
RMailer $* $#error $@ 5.7.1 $: "554 Spam (Mailer)"
RLigra Mailer $* $#error $@ 5.7.1 $: "554 Spam (Ligra Mailer)"
RDynamic Opt-In Emailer $* $#error $@ 5.7.1 $: "554 Spam(Dynamic Opt-In Emailer)"
R$* Group Spamer $#error $@ 5.7.1 $: "554 Spam (WE Group Spamer)"
RMail Sender $* $#error $@ 5.7.1 $: "554 Spam (Mail Sender)"
RMail Service $* $#error $@ 5.7.1 $: "554 Spam (Mail Service)"
RMailloop $* $#error $@ 5.7.1 $: "554 Spam (Mailloop)"
RPersMail $* $#error $@ 5.7.1 $: "554 Spam (PersMail)"
RLK SendIt $* $#error $@ 5.7.1 $: "554 Spam (LK SendIt)"
RWC Mail $* $#error $@ 5.7.1 $: "554 Spam (WC Mail)"
RZUBA ZUB $* $#error $@ 5.7.1 $: "554 Spam (ZUBA ZUB)"
RMailList Express $* $#error $@ 5.7.1 $: "554 Spam (MailList Express)"
RCaretop $* $#error $@ 5.7.1 $: "554 Spam (Caretop)"
RMailer Signature $#error $@ 5.7.1 $: "554 Spam (Mailer Si)"
Rnone $#error $@ 5.7.1 $: "554 Spam (none)"
RPG-MAILINGLIST $#error $@ 5.7.1 $: "554 Spam (PG-MAILINGLIST)"
R$* advcomtest $* $#error $@ 5.7.1 $: "554 Spam (advcomtest)"
Ryo yo mail $#error $@ 5.7.1 $: "554 Spam (yo yo mail)"
RZanziMailer $* $#error $@ 5.7.1 $: "554 Spam (ZanziMailer)"
# Настоящий Outlook имеет версию вида: 5.0.23123244
RMicrosoft Outlook Express 5.0 $#error $@ 5.7.1 $: "554 Spam (Microsoft Outlook Express 5.0)"
RVersion 5.0 $#error $@ 5.7.1 $: "554 Spam (Version 5.0)"
# Заблокируем все мейлеры с названием только из одного слова:
Rnethack $@ OK
RZ-Mail-SGI $@ OK
RDipost $@ OK
RSquirrelMail $@ OK
R$- $#error $@ 5.7.1 $: "554 Spam (one-word mailer)"
# Заблокируем письма с пустым заголовком
R$* $: < $1 >
R< > $#error $@ 5.7.1 $: "554 Illegal header (empty header)"
R$* $@ OK
HTo: $>CheckTo
HCc: $>CheckTo
HMessage-ID: $>CheckMessageID
# проверим поле To на "undisclosed-recipients;" или "undisclosed recipient"
# комбинации могут быть практически произвольными.
SCheckTo
R$* $: $1 $| <$&{Spam_Check}>
R$* $| <0> $@ OK
R$* $| $* $: $1
R$*Recipient$* $#error $@ 5.7.1 $: "554 Unspecified Mailbox ID"
R$*Undisclosed$* $#error $@ 5.7.1 $: "554 Unspecified Mailbox ID"
#проверим правильность формата поля Message-ID (оно должно быть в формате идентификатор@домен).
SCheckMessageID
# Record the presence of the header MessageId
R$* $: $(storage {MessageIdCheck} $@ $1 $) $1
R$* $: $1 $| <$&{Spam_Check}>
R$* $| <0> $@ OK
R$* $| $* $: $1
R< $+ @ $+ > $@ OK
R$* $#error $: "553 Header Error 1: Bad Message ID: $&{MessageIdCheck}"
HReceived: $>+CheckReceived
# Record the presence of the header Received
SCheckReceived
R$* $: $(storage {ReceivedCheck} $@ OK $) $1
#R$* $: $1 $| <$&{Spam_Check}>
#R$* $| <0> $@ OK
#R$* $| $* $: $1
R$* $: $(ChHeader $1 $)
R@YES $#error $: "553 Bad Header 2: relaying denied."
R$* $@ OK
H*: $>+CheckHeader
SCheckHeader
#R$* $: $1 $| <$&{Spam_Check}>
#R$* $| <0> $@ OK
#R$* $| $* $: $1
R$* $: $(ChHeader $&{currHeader} $)
R@YES $#error $: "553 Bad Header 1: relaying denied."
Scheck_eoh
#R$* $: $1 $| <$&{Spam_Check}>
#R$* $| <0> $@ OK
#R$* $| $* $: $1
##R$* $: $(syslog <$&{Spam_Check}> $) $1
# Check the macro $&{ReceivedCheck}
R$* $: < $&{ReceivedCheck} >
# Clear the macro for the next message
R$* $: $(storage {ReceivedCheck} $) $1
# Has a Received: header
R< $+ > $@ OK
# Allow missing Received from local mail
R$* $: < $&{client_addr} >
R< $* $=R $* > $@ OK
# Allow missing Message-Id: or Received from smtp-authenticated mail
R$* $: < $&{auth_authen} >
R< $+ > $@ OK
# Check the macro < $&{MessageIdCheck} >
R$* $: < $&{MessageIdCheck} >
# Clear the macro for the next message
R$* $: $(storage {MessageIdCheck} $) $1
# Has my domain name in the Message-Id: header
R<$+@$+> $: $(ChMId $2 $: $1@$2 $)
R$* $: $(syslog $1 $) $1
R@NOTMY $@ OK
# Otherwise, reject the mail
R$* $#error $: "553 Header Error 2: relaying denied."
#My check-rules are done.