Re: [Exim] FAQ(4) Q/A5023 about ident

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Dennis Davis
Data:  
Para: exim-users
Tópicos Novos: "CacheFlow Server" HELOs, was Re: [Exim] FAQ(4) Q/A5023 about ident
Assunto: Re: [Exim] FAQ(4) Q/A5023 about ident
>From: "Alan J. Flavell" <flavell@???>
>To: Exim users list <exim-users@???>
>Subject: [Exim] FAQ(4) Q/A5023 about ident
>Sender: exim-users-admin@???
>Date: Tue, 15 Apr 2003 14:09:29 +0100 (BST)


...

>a) We've found it effective against two rather prevalent kinds of open
>proxy (whether already blacklisted at the RBLs or not) to recognise
>ident strings of "squid" and "CacheFlow Server" and reject mail from
>them. Snippets such as this in the RCPT ACL do the trick:
>
> deny condition = ${if eq{$sender_ident}{CacheFlow Server}{1}{0}}
> message = Rejected - appears to be an unsecured proxy: $sender_ident


Almost totally unrelated, but I see lots of connections from
""CacheFlow Server" to our mail servers. Usually their HELO
messages announce themselves to be the same IP address as the server
to which they are connecting. So they're being caught here with an
ACL of the form:

  deny    message = Imposters are persona non grata
          condition = ${if or { \
                               {eq {${lc:$sender_helo_name}}{WHOAMI}} \
                               {eq {$sender_helo_name}{HOST_IP}} \
                              } \
                             {yes}{no}}


where WHOAMI & HOST_IP are just simple macros set earlier in the
configuration.