[Exim] callout problems after upgrade to 4.22

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Jose de Paula Eufrasio Junior
Fecha:  
A: Lista Exim
Asunto: [Exim] callout problems after upgrade to 4.22
--
Hello people..

Well, after upgrading to 4.22 last wednesday and the death of osirusoft
my servers have get a lot of problems with spam and such.

A problem that I ideentified right now is that sender verify isn't
working very well. I tried a test with exim -bhc and a non-existent
email get's thru the ACL (in the test mode I could see the callout test
and the 550 error).
Something in the callout changed from 4.14 to 4.22? (I can't find
anything on the changelog)

Like, the order of the ACL can change the fact that the sender verify
failed? There's my ACL:

--------------------------------------

acl_check_rcpt:


accept hosts = :

  deny    local_parts   = ^.*[@%!/|]


  deny  message = Endereco inválido. Invalid local part.
        senders = ^[a-z]{4}_[a-z]{4}_[a-z]{1}_[a-z]{1}_[a-z]{1}


  deny  message = Endereco inválido. Invalid local part.
        senders = ^send_today_


  deny  message = Endereço bloqueado pela blacklist interna. Address
blocked in the internal blacklist.
        senders = ${lookup{$sender_address}lsearch{/etc/exim/badfrom}}


  deny    message = Desculpe, apenas um endereco por mensagem de bounce.
Sorry, only one recipient for bounce message.
          condition     = ${if eq
{$sender_address_local_part}{}{yes}{no}}
          condition     = ${if > {${eval:$rcpt_count}}{1}{yes}{no}}


  accept  local_parts   = postmaster
          domains       = +local_domains


  deny  message         = O seu endereço não pode ser verificado, favor
utilizar um email válido ou contatar o seu suporte técnico. (Your email
address cannot be verified, please use a valid email).
        !sender_domains = +localnonverify
        !verify         = sender/defer_ok/callout=20s/callout_defer_ok
        !verify         = recipient



  deny    message       = Host $sender_host_address listado em
Blacklist: $dnslist_domain\n$dnslist_text
          !authenticated = *
          !hosts = +ignora_rbl
          dnslists      =   opm.blitzed.org : \
          bl.projeto-orbl.org :         \
          sbl.spamhaus.org :            \
          dnsbl.njabl.org :             \
          relays.ordb.org :             \
          list.dsbl.org :               \
          bl.spamcop.net:               \
          orbs.dorkslayers.com:         \
          relays.dorkslayers.com:       \
          rsbl.aupads.org:              \
          orvedb.aupads.org:            \
          duinv.aupads.org:             \
          dun.dnsrbl.net:               \
          spam.dnsrbl.net


  accept  domains       = +local_domains


  accept  domains       = +relay_to_domains


  accept  hosts         = +relay_from_hosts


accept authenticated = *

  deny    message       = relay not permitted


---------------------------------------------------------

Any help is welcome, as suggestions to make my ACL more spam proof...

[]s
core

--
José de Paula Eufrásio Júnior
Analista de Sistema | CPD
ProInternet do Brasil
--
Content-Description: This is a digitally signed message part

[ signature.asc of type application/pgp-signature deleted ]
--