Re: [Exim] Bypassing RBL check for authenticated users.

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Oren Levi
Dátum:  
Címzett: Robert Kehl
CC: exim-users
Tárgy: Re: [Exim] Bypassing RBL check for authenticated users.
The change you suggested left my server open to relay.

Basiclly i want that authenticated user will not be checked agaist RBL
(SLOW)

here's my original ACL:

begin acl



#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :

#!!# Spam control starts here:
deny message = rejected because $sender_host_address is \
blacklisted at $dnslist_domain\n\
$dnslist_text
dnslists = bl.spamcop.net : \
           blackholes.mail-abuse.org : \
           dialup.mail-abuse.org : \
           blackholes.easynet.nl : \
           sbl.spamhaus.org : \
           opm.blitzed.org : \
           ipwhois.rfc-ignorant.org : \
           cbl.abuseat.org : \
           spamhaus.relays.osirusoft.com=127.0.0.6 : \
           sbl.spamhaus.org=127.0.0.2 : \
           relays.ordb.org
#  spamsources.relays.osirusoft.com : \
# removed  inputs.relays.osirusoft.com
#!!# Spam control stops here



  # Accept bounces to lists even if callbacks or other checks would fail
  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
                {yes}{no}}


  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{mailman-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{mailman-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
                {yes}{no}}



require verify = sender

accept domains = +local_domains
accept domains = +relay_domains
accept hosts = +relay_hosts
accept condition = ${perl{checkrelayhost}{$sender_host_address}}

  accept  hosts = +auth_relay_hosts
          endpass
          message = $sender_fullhost is currently not permitted to \
                        relay through this server. Perhaps you \
                        have not logged into the pop/imap server in the \
                        last 30 minutes or do not have SMTP Authentication
turned on in your email client.
          authenticated = *
          condition = ${if eq{$authenticated_id}{$sender_address}{yes}{no}}
          verify = sender
  deny    message = $sender_fullhost is currently not permitted to send you
must first authenticate




#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
accept

----- Original Message -----
From: "Robert Kehl" <mailinglists@???>
To: "Oren Levi" <orenlevi@???>; <exim-users@???>
Sent: Tuesday, September 16, 2003 3:46 PM
Subject: Re: [Exim] Bypassing RBL check for authenticated users.


> ----- Original Message -----
> From: "Oren Levi" <orenlevi@???>
> To: "Tabor J. Wells" <twells@???>
> Cc: <exim-users@???>
> Sent: Tuesday, September 16, 2003 9:16 PM
> Subject: Re: [Exim] Bypassing RBL check for authenticated users.
>
>
> Use this one:
>
> begin acl
>
> check_recipient:
>
> accept hosts = :
>
> require verify = sender
>        message       = Sender verification required

>
> accept authenticated = *
>        condition = ${if eq{$authenticated_id}{$sender_address}{yes}{no}}
>        endpass
>        message = $sender_fullhost is currently not permitted to send - \
>               you must first authenticate

>
> deny dnslists = bl.spamcop.net : \
>               some.other.list
>        message = rejected because $sender_host_address is \
>               blacklisted at $dnslist_domain\n\
>               $dnslist_text

>
> Should do what you want.
>
> Robert Kehl
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim

details at http://www.exim.org/ ##
>
>
>