On Tue, 11 Jun 2002, Juha Saarinen wrote:
> On Mon, 10 Jun 2002, Dave C. wrote:
>
> > # All hotmail.com mail should have this header
> > deny sender_domains = hotmail.com
> > message = X-Forgery: NOT HOTMAIL
> > condition = ${if def:header_X-Originating-IP:{no}{yes}}
> >
> > # All aol.com mail should have this header
> > deny sender_domains = aol.com
> > message = X-Forgery: NOT AOL MAILER
> > condition = ${if match {$h_X-Mailer:}{.*[Aa][Oo][Ll].*} {no}{yes}}
> >
> > # All aol.com mail should have a matching received header
> > deny sender_domains = aol.com
> > message = X-Forgery: NOT AOL SERVER
> > condition = ${if match {$h_Received:}{.*by.*[Aa][Oo][Ll]\.[Cc][Oo][Mm].*}{no}{yes}}
> >
> > # All yahoo.com mail will have either
> > # "...yahoo.com via HTTP "
> > # *OR*
> > # "...yahoo.com with NNFMP"
> >
> > deny sender_domains = yahoo.com
> > message = X-Forgery: NOT YAHOO SERVER
> > condition = ${if match {$h_Received:}{yahoo.com.via.HTTP}{no}{yes}}
> > condition = ${if match {$h_Received:}{yahoo.com.with.NNFMP}{no}{yes}}
>
> Dave, I've not quite figured out how Exim processes ACLs, so would you
> mind posting the full acl_smtp_data acl that you use? What I'm not sure
> about is how to set up the "accept" conditions.
>
I just have an unconditional accept at the end in mine after all the
deny items.
Here is a short sweet summary:
exim processes the items listed in an ACL in order.
deny :
if all items are true, stop acl processing, return deny
if any item is false, continue
require :
if all items are true, continue to next item
if any item is false, stop processing, return deny
accept :
if all items are true, stop acl processing, return accept
warn
if all items are true, add "message" as a header, continue to next item
If the end of the acl is reached without a satisfied accept, the default
is to deny
Require and deny do almost the same thing, with the logic inverted.
Read section 37 of the specfile for more detail.
