Hello,
I might have not made my point with my previous message in
the "ACL's RULE!" thread, but, apart from the risk of changes
in the headers from yahoo and company, I am not at all happy
with an ACL that does not kick in at RCPT phase.
I have written a simple and primitive rule that applies only
to senders in a restricted domain list. For these users I require
that the EHLO/HELO argument is the real domain of the peer server.
This will also allow the sender to use a different outgoing
server (for instance an hotmail user might want to use their
ISP instead of hotmail.com) as long as these servers identify
themselves "correctly".
deny sender_domains = hotmail.com : yahoo.com
message = X-Forgery: NOT A $sender_helo_name SERVER (OR TEMPORARY DNS FAILURE)
condition = ${if match {$sender_host_name}{.*$sender_helo_name}{no}{yes}}
Now, how can I send a temporary failure 4XX if the $sender_host_name
expand to the null string (DNS failure)?
I see two options: either a "fail" action, that acts like deny, but
sends a 4XX error message, or allow deny to specify the complete error
message, so that I can send a 4XX message myself.
Anyway, with this ACL Carl Miller and his jackpots can go to hell (have
I made my message flagged as spam this way?).
Thanks (since I forgot to thank in my first post)
Giuliano
exim rocks! (and not just because I live in Cambridge)
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/