Re: [Exim] "CacheFlow Server" and exim4

Top Page
Delete this message
Reply to this message
Author: William Thompson
Date:  
To: sharun
CC: Alan J. Flavell, Exim users list
Subject: Re: [Exim] "CacheFlow Server" and exim4
> deny condition = ${if eq{$sender_ident}{squid}{yes}{no}}
>           message       = Hacked proxy ? Go away!

>
>   deny    condition = ${if eq{$sender_ident}{CacheFlow Server}{yes}{no}}
>           message       = Hacked proxy ? Go away!


Anyway of doing this in exim 3.35? I tried using tcp wrappers, but the
tcp wrapper maintainer on debian refused to do anything about adding the
possibility of spaces in usernamed. He said it was a 'security risk'. I
also wasn't very successful at modifying it to work (say changing spaces to
underscores for what it got from ident)

> Alan J. Flavell wrote:
> >
> > There's a class of event which shows up in the logs as e.g
> >
> > 2002-12-07 00:42:43 H=(nric) [200.160.36.13] (CacheFlow Server)
> > F=<wvdvn@???> rejected RCPT...
> >
> > Am I right in thinking that "CacheFlow Server" here is always
> > indicative of an open proxy? What actually _is_ this item of data in
> > the mainlog, I'm having a hard time finding it documented in chapter
> > 44. I'm suspicious that it might be the rfc1413 "ident", but then why
> > isn't it prefixed with "U=" as indicated in 44.12?
> >
> > Does anyone block mail on the basis of this indication, and if so,
> > could they offer an exim4 recipe for it, please? It seems to be quite
> > a pestilence.
>
> --
> VVS56-RIPE
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>
>