Re: [Exim] New multi-user exim4 config

Top Page
Delete this message
Reply to this message
Author: Suresh Ramasubramanian
Date:  
To: Marc MERLIN
CC: 'Exim-users'
Subject: Re: [Exim] New multi-user exim4 config
Marc MERLIN [8/4/2003 8:54 AM] :

> True, but due to how it's used, it needs to be a list, not an RBL.
> That said, this can be added to the config file as an ACL for rejecting
> connections.


also available as a wgettable text file - a cronjob to fetch it
periodically and build a cdb out of it might be an idea.

> Not a bad idea.
> I take contributions :-)


code for this was posted sometime back on exim-users - something like:

# Be polite and say HELO. Reject anything from hosts that havn't given
# a valid HELO/EHLO to us.
  deny condition = ${if \
    or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}}
           message = RFCs mandate HELO/EHLO before mail can be sent


# Forged HELOs
  deny    message = Forged hostname detected in HELO
          hosts   = !+relay_from_hosts
          log_message = Forged HELO detected
          condition = ${if eq
{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{
yes}{no}}


  deny message = Forged IP detected in HELO
         hosts = !+relay_from_hosts
         log_message = Forged IP detected in HELO: $sender_helo_name
         condition = ${if
eq{$sender_helo_name}{$interface_address}{yes}{no}}


For extra points, sender_helo_name is checked against a list of your
local / virtual domains. Like if you host domain.com and someone sends
you HELO domain.com ...

    srs