Re: [Exim] Bypassing RBL check for authenticated users.

Pàgina inicial
Delete this message
Reply to this message
Autor: Robert Kehl
Data:  
A: Oren Levi
CC: exim-users
Assumpte: Re: [Exim] Bypassing RBL check for authenticated users.
----- Original Message -----
From: "Oren Levi" <orenlevi@???>
To: "Robert Kehl" <mailinglists@???>
Cc: <exim-users@???>
Sent: Wednesday, September 17, 2003 3:04 AM
Subject: Re: [Exim] Bypassing RBL check for authenticated users.


> The change you suggested left my server open to relay.


Sorry, it wasn't a full acl, as you didn't post one, too.

The very last block in your check_recipient acl should always be this:

> deny    message = $sender_fullhost is currently not permitted to send

you
> must first authenticate


Suggestion 1: Move the following block to the bottom of your
check_recipient acl, but ensure that the 'deny' statement still follows.

> #!!# Spam control starts here:
> deny message = rejected because $sender_host_address is \
> blacklisted at $dnslist_domain\n\
> $dnslist_text
> dnslists = bl.spamcop.net : \
>            blackholes.mail-abuse.org : \
>            dialup.mail-abuse.org : \
>            blackholes.easynet.nl : \
>            sbl.spamhaus.org : \
>            opm.blitzed.org : \
>            ipwhois.rfc-ignorant.org : \
>            cbl.abuseat.org : \
>            spamhaus.relays.osirusoft.com=127.0.0.6 : \
>            sbl.spamhaus.org=127.0.0.2 : \
>            relays.ordb.org
> #  spamsources.relays.osirusoft.com : \
> # removed  inputs.relays.osirusoft.com
> #!!# Spam control stops here


Suggestion 2: If you believe the following block to be correct, move it
upwards before the "Spam control" block. Do not move the 'deny'
statement, or after it nothing will ever get processed.

>   accept  hosts = +auth_relay_hosts
>           endpass
>           message = $sender_fullhost is currently not permitted to \
>                         relay through this server. Perhaps you \
>                         have not logged into the pop/imap server in

the \
>                         last 30 minutes or do not have SMTP

Authentication
> turned on in your email client.
>           authenticated = *
>           condition = ${if

eq{$authenticated_id}{$sender_address}{yes}{no}}
>           verify = sender


Regards,

Robert Kehl