--
Hello people..
Well, after upgrading to 4.22 last wednesday and the death of osirusoft
my servers have get a lot of problems with spam and such.
A problem that I ideentified right now is that sender verify isn't
working very well. I tried a test with exim -bhc and a non-existent
email get's thru the ACL (in the test mode I could see the callout test
and the 550 error).
Something in the callout changed from 4.14 to 4.22? (I can't find
anything on the changelog)
Like, the order of the ACL can change the fact that the sender verify
failed? There's my ACL:
--------------------------------------
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|]
deny message = Endereco inválido. Invalid local part.
senders = ^[a-z]{4}_[a-z]{4}_[a-z]{1}_[a-z]{1}_[a-z]{1}
deny message = Endereco inválido. Invalid local part.
senders = ^send_today_
deny message = Endereço bloqueado pela blacklist interna. Address
blocked in the internal blacklist.
senders = ${lookup{$sender_address}lsearch{/etc/exim/badfrom}}
deny message = Desculpe, apenas um endereco por mensagem de bounce.
Sorry, only one recipient for bounce message.
condition = ${if eq
{$sender_address_local_part}{}{yes}{no}}
condition = ${if > {${eval:$rcpt_count}}{1}{yes}{no}}
accept local_parts = postmaster
domains = +local_domains
deny message = O seu endereço não pode ser verificado, favor
utilizar um email válido ou contatar o seu suporte técnico. (Your email
address cannot be verified, please use a valid email).
!sender_domains = +localnonverify
!verify = sender/defer_ok/callout=20s/callout_defer_ok
!verify = recipient
deny message = Host $sender_host_address listado em
Blacklist: $dnslist_domain\n$dnslist_text
!authenticated = *
!hosts = +ignora_rbl
dnslists = opm.blitzed.org : \
bl.projeto-orbl.org : \
sbl.spamhaus.org : \
dnsbl.njabl.org : \
relays.ordb.org : \
list.dsbl.org : \
bl.spamcop.net: \
orbs.dorkslayers.com: \
relays.dorkslayers.com: \
rsbl.aupads.org: \
orvedb.aupads.org: \
duinv.aupads.org: \
dun.dnsrbl.net: \
spam.dnsrbl.net
accept domains = +local_domains
accept domains = +relay_to_domains
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
---------------------------------------------------------
Any help is welcome, as suggestions to make my ACL more spam proof...
[]s
core
--
José de Paula Eufrásio Júnior
Analista de Sistema | CPD
ProInternet do Brasil
--
Content-Description: This is a digitally signed message part
[ signature.asc of type application/pgp-signature deleted ]
--
