[Exim] Re: ACL's RULE!

Pàgina inicial
Delete this message
Reply to this message
Autor: Giuliano Gavazzi
Data:  
A: Exim-users
Assumpte: [Exim] Re: ACL's RULE!
Dear all,

this is my first posting to the list. I have built/installed/deployed
exim two days ago and I am happy with it. Yesterday I was looking for
some pointers around on how to write ACL rules to protect my server
from unwanted garbage and, amongst others, I came across these
written by Dave under the thread of this name. One of these rules
appears risky to me:

>
>
># All yahoo.com mail will have either
># "...yahoo.com via HTTP "
># *OR*
># "...yahoo.com with NNFMP"
>
>   deny          sender_domains  = yahoo.com
>                 message         = X-Forgery: NOT YAHOO SERVER
>                 condition       = ${if match
>{$h_Received:}{yahoo.com.via.HTTP}{no}{yes}}
>                 condition       = ${if match
>{$h_Received:}{yahoo.com.with.NNFMP}{no}{yes}}


I have this header from a yahoo account of just over a year ago:

Return-Path: <...@yahoo.com>
Received: from web13107.mail.yahoo.com (web13107.mail.yahoo.com
[216.136.174.152])
    by drum.humph.com (8.11.3/8.11.3) with SMTP id f7REbjK04794
    for <...>; Mon, 27 Aug 2001 15:37:46 +0100 (BST)
Message-ID: <20010827143743.31871.qmail@???>
Received: from [146.203.100.230] by web13107.mail.yahoo.com; Mon, 27
Aug 2001 07:37:43 PDT
...


and the Received: header does not contain "via HTTP" or "with NNFMP".
From then onwards all have "via HTTP". I think a better rule would be
to impose a more strict check of the EHLO/HELO command when the
sender in in any of these domains.

My real question is another, will this email show as coming from the
return address I set in Eudora, or from the user that authenticates
with the server when sending?

Giuliano
--
H U M P H
    || |||
  software


Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/