[it:~] root# /usr/local/exim/bin/exim -bh 17.250.248.87
**** SMTP testing session as if from host 17.250.248.87
**** but without any ident (RFC 1413) callback.
**** This is not for real!
>>> host in host_lookup? yes (matched "*")
>>> looking up host name for 17.250.248.87
>>> IP address lookup yielded a17-250-248-87.apple.com
>>> alias smtpout.mac.com
>>> gethostbyname looked up these IP addresses:
>>> name=a17-250-248-87.apple.com address=17.250.248.87
>>> checking addresses for a17-250-248-87.apple.com
>>> 17.250.248.87 OK
>>> gethostbyname looked up these IP addresses:
>>> name=smtpout.mac.com address=17.250.248.84
>>> name=smtpout.mac.com address=17.250.248.85
>>> name=smtpout.mac.com address=17.250.248.86
>>> name=smtpout.mac.com address=17.250.248.87
>>> name=smtpout.mac.com address=17.250.248.88
>>> name=smtpout.mac.com address=17.250.248.89
>>> name=smtpout.mac.com address=17.250.248.97
>>> name=smtpout.mac.com address=17.250.248.47
>>> name=smtpout.mac.com address=17.250.248.83
>>> checking addresses for smtpout.mac.com
>>> 17.250.248.84
>>> 17.250.248.85
>>> 17.250.248.86
>>> 17.250.248.87 OK
[...]
220 m.humph.com ESMTP Exim 4.24 Wed, 22 Oct 2003 10:30:36 +0200
HELO smtpout.mac.com
250 m.humph.com Hello a17-250-248-87.apple.com [17.250.248.87]
MAIL FROM:<inessential>
[...]
250 OK
RCPT TO:<irrelevant>
[...] THE IMPORTANT BITS START HERE <<<<<<
>>> processing "warn"
>>> check condition = ${if !eq
>>>{${extract{-2}{.}{$sender_host_name}{$value}fail}}{${extract{-2}{.}{$sender_helo_name}{$value}fail}}{yes}{no}}
>>> = yes
I do not agree! I know it's a question of opinion, but id Exim knows
that the helo name is genuine as it corresponds to the host address,
wouldn't it be better to set the sender_host_name to the
sender_helo_name?
I know this can effectively be done with a "clever" acl.
And indeed that is what I attempted with the second condition:
>>> check condition = ${if !eq {${lookup
>>>dnsdb{A=$sender_helo_name}{$value}{}}}{$sender_host_address}{yes}{no}}
>>> = yes
>>> check set acl_c1 = 2
>>> warn: condition test succeeded
but it went wrong and I can see why, the A record lookup yelds a
list, so the eq cannot be true. Would a match (with reversed
arguments of course) work?
condition = ${if ! match {$sender_host_address}{${lookup
dnsdb{A=$sender_helo_name}{$value}{}}}{yes}{no}}
I will test and answer myself to this one..
If it works then I can set my own sender_host_address in acl_m0 with
warn set acl_m0 = $sender_host_address
condition = ${if match {$sender_host_address}{${lookup
dnsdb{A=$sender_helo_name}{$value}{}}}{yes}{no}}
set acl_m0 = $sender_helo_name
to use it then in my other:
>>> processing "warn"
>>> check condition = ${if match
>>>{$sender_host_name}{\N(?i)(dial|dsl|cable|slip|ppp|(host.*pool)|([0-9]+[^0-9]+[0-9]+[^0-9]+[0-9]+[^0-9]+[0-9]+)|([0-9]{6}))\N}{yes}{no}}
>>> = yes
>>> check set acl_c4 = 1
>>> warn: condition test succeeded
so that I would not have:
LOG: HN5H2O-0009R8-I9 H=a17-250-248-87.apple.com (smtpout.mac.com)
[17.250.248.87] Warning: DATA SPAM FLAGS:0;2;0;0;1;0;0;0;0;0; SCORE:
8 RBLS: 0
Danke for your attention. Comments welcome.
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
