Mail::Exim::ACL::Geolocation - Map IP addresses to country codes
version 1.003
acl_check_rcpt: warn domains = +local_domains : +relay_to_domains set acl_m_country_code = ${perl{country_code}{$sender_host_address}} add_header = X-Sender-Host-Country: $acl_m_country_code
A Perl module for the Exim mailer that maps IP addresses to two-letter country codes such as "DE", "FR" and "US". SpamAssassin can use these country codes to filter junk email.
my $country_code = country_code($ip_address);
Maps an IP address to a country. Returns the country code or the undefined value.
None.
Create a file such as /etc/exim/exim.pl. Add the following Perl code.
use Mail::Exim::ACL::Geolocation qw(country_code);
Edit Exim's configuration file. Enable Perl in the main section.
perl_startup = do '/etc/exim/exim.pl' perl_taintmode = yes
Get the sending host's country code in the RCPT ACL. Add the country code to the message header.
Add a rule to your SpamAssassin configuration that increases the spam score if the message is sent from a country that you usually don't get email from.
bayes_ignore_header X-Sender-Host-Country header UNCOMMON_COUNTRY X-Sender-Host-Country !~ /^(?:DE|FR|US)/ [if-unset: US] describe UNCOMMON_COUNTRY Message is sent from uncommon country tflags UNCOMMON_COUNTRY noautolearn score UNCOMMON_COUNTRY 0.1
See https://en.wikipedia.org/wiki/ISO_3166-2 for a list of two-letter country codes. A useful list for businesses with contacts in Western Europe and North America is:
(?:AT|BE|CA|CH|DE|DK|ES|EU|FI|FR|GB|IE|IS|IT|LU|NL|NO|PT|SE|US)
Combine your new rule with other rules.
meta SUSPICIOUS_BULKMAIL UNCOMMON_COUNTRY && (DCC_CHECK || RAZOR2_CHECK) describe SUSPICIOUS_BULKMAIL Bulk email from uncommon country tflags SUSPICIOUS_BULKMAIL net score SUSPICIOUS_BULKMAIL 1.5
Requires the Perl module IP::Geolocation::MMDB from CPAN and the modules Exporter and List::Util, which are distributed with Perl.
Requires an IP to country database in the MaxMind DB file format from MaxMind or DP-IP.com. The module searches the directories /var/lib/GeoIP and /usr/share/GeoIP for one of the following database files:
GeoIP2-Country.mmdb GeoIP2-City.mmdb dbip-country.mmdb dbip-location.mmdb GeoLite2-Country.mmdb GeoLite2-City.mmdb dbip-country-lite.mmdb dbip-city-lite.mmdb
Mail::SpamAssassin::Conf
Andreas Vögele <voegelas@cpan.org>
None known.
Copyright 2022 Andreas Vögele
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
To install Mail::Exim::ACL::Geolocation, copy and paste the appropriate command in to your terminal.
cpanm
cpanm Mail::Exim::ACL::Geolocation
CPAN shell
perl -MCPAN -e shell install Mail::Exim::ACL::Geolocation
For more information on module installation, please visit the detailed CPAN module installation guide.