Re: [Exim] rcpt phase ACL against common forgery

Top Page
Delete this message
Reply to this message
Author: Giuliano Gavazzi
Date:  
To: Exim-users@exim.org
Subject: Re: [Exim] rcpt phase ACL against common forgery
At 1:34 +0000 2002/12/02, Giuliano Gavazzi wrote:
>
>Now, how can I send a temporary failure 4XX if the $sender_host_name
>expand to the null string (DNS failure)?
>I see two options: either a "fail" action, that acts like deny, but
>sends a 4XX error message, or allow deny to specify the complete error
>message, so that I can send a 4XX message myself.


first I must correct my ACL to really compare the domain part only, second I have found a way to get a 4xx error out, a failure in a lookup. My rule loses in "elegance":

deny    sender_domains  = hotmail.com : yahoo.com : public.com : ...
        message         = X-Forgery: $sender_host_name NOT A $sender_helo_name SERVER (OR TEMPORARY DNS FAILURE)
        condition       = ${if match {${extract{-2}{.}{$sender_host_name}{$value}{${lookup {x} lsearch {/etc/inexistent} {$
value}}}}.${extract{-1}{.}{$sender_host_name}{$value}fail}}{${extract{-2}{.}{$sender_helo_name}{$value}fail}.${extract{-1}{.}{$sende
r_helo_name}{$value}fail}}{no}{yes}}


Clearly /etc/inexistent must not exist and "match" could be really be changed with "eq".

Maybe I could split lines with \ but it is too late to check.

Giuliano
--
H U M P H
|| |||
software

Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/