How to set up keyword block in Exim on Debian

Exim can be configured to block emails containing key words, as a method to fight spam. Obviously this is not a comprehensive solution, but can assist in stopping persistent spammers and decreasing the load on SpamAssassin processing when running in parallel.

These instructions are for Debian 8 Jessie, but should apply similarly to Stretch(9) and Buster(10), which use the Exim split configuration.

Edit the config template file: /etc/exim4/exim4.conf.template

We are using the DATA access list (ACL) so scroll down to the section:

### acl/40_exim4-config_check_data
#################################

There may be a number of existing rules in this section, we'll insert our rules after this entry:

# require that there is a verifiable sender address in at least
# one of the "Sender:", "Reply-To:", or "From:" header lines.
.ifdef CHECK_DATA_VERIFY_HEADER_SENDER
deny
  message = No verifiable sender address in message headers
  !acl = acl_local_deny_exceptions
  !verify = header_sender
.endif

 Insert the following text:

# Deny keywords using regex before using Spamassassin:
# Ref: https://www.exim.org/exim-html-current/doc/html/spec_html/ch-content_scanning_at_acl_time.html
  deny
    message = Message rejected as spam or Unroutable address
    regex = Keyword1|Keyword2|Keyword3|...

Change keywords to match words you would like to block. Note this is a case sensitive, regex expression - customise the regex line as required. The message is logged and also sent back to the offending sender.

Update the Exim configution:

update-exim4.conf

Restart the Exim service:

service exim4 restart

Send a test email containing one of the keywords to test.

Upgrading Macbook to High Sierra

Trying to upgrade a Macbook Pro 7.1 (mid-2010) from Sierra to High Sierra failed with several cryptic error messages. This laptop had been upgraded with a Crucial SSD and non-Apple RAM modules, and is configured to dual-boot Linux with rEFInd boot loader.

TLDR: The EFI system boot partition (ESP) should be of type EF (aka 0xEF, EF00), not 07 (Fat).

We recieved the following errors:

macOS could not be installed on your computer

The installer resources were not found

...

You may not install this volume because the computer is missing a firmware partition

...

Somewhere along the line after Bootcamp was initiated, maybe when the Hybrid MBR was altered with gdisk, or partitions adjusted using Gparted, the partition type for the EFI boot partition was changed from type EFI system (EF) to Fat (07).  The format for EF and 07 types is the same, EF is used to identify it specifically as the EFI partition.  Note: this partition is not required to be of type HFS+ as claimed on some sites.

If you have an old High Sierra Upgrade installer from an old previous attempt it may also help to Trash that installer and re-download from the App Store so that you get the updated messages.

The final partition tables on this Macbook are something like:
Hybrid MBR:
 EE: 1 -> 2148 (Protective MBR indicator)
  (128MB space)
 EF: 2149 -> ... (EFI partition, 200MB)
  (128MB space)
 AF: ... -> ... (macOS, 120GB)
  (128MB space)
 83: ... -> ... (Linux, 80GB)

GPT:
 EE
  (128MB space)
 EF (EFI Boot)
  (128MB space)
 AF (macOS)
  (128MB space)
 AF (Recovery 10.11)
 AF (Recovery 10.12)
 83 (Ubuntu)
 83 (Debian)
 82 (Linux swap)
 07 (Fat32 Shared Data)

(*128MB spaces between partitions is an Apple recommendation)

Macbook Pro No Entry symbol

Getting a No Entry symbol when starting macOS on a Macbook Pro (7.1; mid 2010). The Macbook was initially configured to dual boot using OS X Boot Camp Assistant, but later used Refind boot manager to load multiple Linux installations.

Somewhere along the line, the Hybrid MBR had lost the Apple HFS+ file system (AF). Since an MBR can only have 4 primary partitions there is not enough locations to store more than the essential:
1 x Protective Partition (type EE)
1 x EFI System Partition (EF)
1 x Apple Partition (AF)
1 x Linux Partition (83)

Re-creating the hybrid MBR, using Linux utility gdisk (recovery menu), to include the Apple (AF) partition allowed macOS Sierra to boot again. Once corrected, the Recovery partition is bootable also but does not need to be included in the MBR.

A Hybrid MBR is required in order to get the BIOS Compatibility Module (CMS) to initialise hardware (video & wifi) so they work with Linux/Windows.

GRUB can be installed to the Linux partition to enable booting the other distros, although ongoing maintenance of Kernels may be an issue.