Re: [Exim] Bypassing RBL check for authenticated users.

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Oren Levi
Date:  
CC: exim-users
Sujet: Re: [Exim] Bypassing RBL check for authenticated users.
Hey all,

I finally "mastered" the acl, this is my final version in case someone needs
anything similar.:

Oren.




begin acl

#!!# ACL that is used after the RCPT command
check_recipient:
# Exim 3 had no checking on -bs messages, so for compatibility
# we accept if the source is local SMTP (i.e. not over TCP/IP).
# We do this by testing for an empty sending host field.
accept hosts = :

  accept authenticated = *
         message = Authenticated user must match sender!
         endpass
         condition = ${if eq{$authenticated_id}{$sender_address}{yes}{no}}
         verify = sender


#!!# Spam control starts here:
deny message = rejected because $sender_host_address is \
blacklisted at $dnslist_domain\n\
$dnslist_text
dnslists = bl.spamcop.net : \
           blackholes.mail-abuse.org : \
           dialup.mail-abuse.org : \
           blackholes.easynet.nl : \
           sbl.spamhaus.org : \
           opm.blitzed.org : \
           ipwhois.rfc-ignorant.org : \
           cbl.abuseat.org : \
           spamhaus.relays.osirusoft.com=127.0.0.6 : \
           sbl.spamhaus.org=127.0.0.2 : \
           relays.ordb.org


  # Accept bounces to lists even if callbacks or other checks would fail
  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{(.*)-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}
}} \
                {yes}{no}}


  warn     message      = X-WhitelistedRCPT-nohdrfromcallback: Yes
           condition    = \
           ${if and {{match{$local_part}{mailman-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
                {yes}{no}}


  accept   condition    = \
           ${if and {{match{$local_part}{mailman-bounces\+.*}} \
                     {exists
{/usr/local/cpanel/3rdparty/mailman/lists/mailman/config.pck}}} \
                {yes}{no}}


require verify = sender

accept domains = +local_domains
accept domains = +relay_domains
accept hosts = +relay_hosts
accept condition = ${perl{checkrelayhost}{$sender_host_address}}

#  accept  hosts = +auth_relay_hosts
#          endpass
#          message = $sender_fullhost is currently not permitted to \
#                        relay through this server.



  deny    message = $sender_fullhost is currently not permitted to send you
must first authenticate


#!!# ACL that is used after the DATA command
check_message:
require verify = header_sender
accept