Re: [Exim] FAQ(4) Q/A5023 about ident

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Dennis Davis
日付:  
To: exim-users
新しいトピック: "CacheFlow Server" HELOs, was Re: [Exim] FAQ(4) Q/A5023 about ident
題目: Re: [Exim] FAQ(4) Q/A5023 about ident
>From: "Alan J. Flavell" <flavell@???>
>To: Exim users list <exim-users@???>
>Subject: [Exim] FAQ(4) Q/A5023 about ident
>Sender: exim-users-admin@???
>Date: Tue, 15 Apr 2003 14:09:29 +0100 (BST)


...

>a) We've found it effective against two rather prevalent kinds of open
>proxy (whether already blacklisted at the RBLs or not) to recognise
>ident strings of "squid" and "CacheFlow Server" and reject mail from
>them. Snippets such as this in the RCPT ACL do the trick:
>
> deny condition = ${if eq{$sender_ident}{CacheFlow Server}{1}{0}}
> message = Rejected - appears to be an unsecured proxy: $sender_ident


Almost totally unrelated, but I see lots of connections from
""CacheFlow Server" to our mail servers. Usually their HELO
messages announce themselves to be the same IP address as the server
to which they are connecting. So they're being caught here with an
ACL of the form:

  deny    message = Imposters are persona non grata
          condition = ${if or { \
                               {eq {${lc:$sender_helo_name}}{WHOAMI}} \
                               {eq {$sender_helo_name}{HOST_IP}} \
                              } \
                             {yes}{no}}


where WHOAMI & HOST_IP are just simple macros set earlier in the
configuration.