[Exim] helo acl

Top Page
Delete this message
Reply to this message
Author: Richard Welty
Date:  
To: exim-users
Subject: [Exim] helo acl
for some time, i've been mechanically doing all of my acl stuff in the
recipients check, based on conventional wisdom that 5xx gets listened to
best after RCPT TO:

i've reconsidered that, based on recent/current events. i've now got the
following attached to the helo acl, i strongly recommend it:

check_helo:
  drop    message = HELO/EHLO must contain a Fully Qualified Domain Name
          hosts  = !+relay_hosts
          condition = ${if match {$sender_helo_name}{\N^[^.].*\.[^.]+$\N}{no}{yes}}
  drop    condition = ${if eq{$sender_ident}{squid}{yes}{no}}
          message       = we do not accept mail from squid proxies
  drop    condition = ${if eq{$sender_ident}{CacheFlow Server}{yes}{no}}
          message       = we do not accept mail from CacheFlow Servers
  drop    message = host is listed in $dnslist_domain
          dnslists = cbl.abuseat.org : \
                     opm.blitzed.org
  accept


the logic being that these callers are by and large things that aren't
going to take 5xx for an answer, so why wait? in particular, right this
instant we're all being pounded by Sobig and this should clear out those
connections quicker.

i'm sure many are doing this already, but i suspect others might appreciate
the tip.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security