Re: [Exim] blocking fake yahoo and hotmail

Author: Victor Ustugov
Date:  
To: Kevin Reed
Subject: Re: [Exim] blocking fake yahoo and hotmail
Kevin Reed wrote:

>>>If HELO yahoo.com comes from an IP with non yahoo rDNS, DENY - don't
>>>waste time deferring it.
>>
>>Nice idea. Do you have that recipe in acl syntax for a cookbook?
>
> There is a sample of it on the forum.
>
> http://exim.got-there.com/forums/viewtopic.php?p=465#465


There will be problems with the check if the nameserver is inaccessible.

Here is a modified variant:

# Check Certain HELO's against what their hostname is supposed to be
# acl_m9 = expected rDNS suffix for a listed HELO name, empty if not listed
warn    set acl_m9  = ${lookup{$sender_helo_name} \
               partial-lsearch{/usr/local/exim/helo-check} \
               {${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
# Listed HELO, no host name, and the lookup did not fail outright: defer
defer   condition = ${if eq{$acl_m9}{}{no}{yes}}
         condition = ${if eq{$sender_host_name}{}{yes}{no}}
         condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
         message   = Access temporarily denied. Cannot resolve PTR \
                     record for $sender_host_address
# Listed HELO whose host name does not end with the expected suffix: drop
drop  log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
         condition   = ${if and { \
               {!eq{$acl_m9}{}} \
                  {!match{$sender_host_name}{${rxquote:$acl_m9}\N$\N}} \
                } \
                {yes}{no}}
         delay       = 30s
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Best wishes Victor Ustugov   mailto:victor@corvax.kiev.ua
ICQ UIN: 77186900, 32418694  nic-handle: CRV2-RIPE, CRV-UANIC
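
Added example, not part of the message above and not Exim code: a simplified Python model of the three outcomes the ACL produces (pass, defer, drop), useful for checking a helo-check list against sample connections. The table entries, host names and function names are constructed; case is folded for simplicity, and the `boundary` option is an added tightening, since the posted regex is anchored only at the end of the host name.

```python
import re

# Constructed stand-in for /usr/local/exim/helo-check: key -> expected rDNS
# suffix. An empty value means "rDNS must end with the HELO name itself".
HELO_CHECK = {
    "yahoo.com": "",
    "*.yahoo.com": "yahoo.com",
    "hotmail.com": "",
    "*.hotmail.com": "hotmail.com",
}

def partial_lookup(key, table, min_parts=2):
    """Simplified model of partial-lsearch: exact key, then "*." + key, then
    drop leading labels while at least min_parts non-* labels remain."""
    key = key.lower()
    if key in table:
        return table[key]
    labels = key.split(".")
    for i in range(len(labels)):
        if len(labels) - i < min_parts:
            break
        candidate = "*." + ".".join(labels[i:])
        if candidate in table:
            return table[candidate]
    return None

def helo_verdict(helo, host_name, lookup_failed, boundary=False):
    """Return 'pass', 'defer' or 'drop' for one connection.
    host_name: rDNS name ('' if none), as in $sender_host_name.
    lookup_failed: True only for a definite failure ($host_lookup_failed)."""
    value = partial_lookup(helo, HELO_CHECK)
    if value is None:
        return "pass"                    # acl_m9 empty: HELO name not listed
    expected = (value or helo).lower()   # what the ACL stores in acl_m9
    if not host_name and not lookup_failed:
        return "defer"                   # DNS trouble: retry later, no reject
    pattern = re.escape(expected) + r"$"
    if boundary:                         # added hardening, not in the post
        pattern = r"(^|\.)" + pattern
    return "pass" if re.search(pattern, host_name.lower()) else "drop"

if __name__ == "__main__":
    print(helo_verdict("yahoo.com", "web1.mail.yahoo.com", False))
    print(helo_verdict("yahoo.com", "dsl-1-2-3-4.example.net", False))
    print(helo_verdict("yahoo.com", "", False))
```

With `boundary=True` the expected suffix must start at a label boundary, so a host name that merely ends in the same characters no longer passes.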