Hi,
On Fri, Mar 05, 2004 at 09:54:06AM -0800, Tor Slettnes wrote:
> --
> How about adding the following ACL condition:
> sender_helo_name = <domain list>
>
>
> That way, you could add something like the following in an ACL:
>
> acl_check_helo:
> accept hosts = : +relay_from_hosts
>
> deny message = Do not pretend to be me, impostor!
> sender_helo_name = +local_domains
>
>
> Currently, one can do the following (as I do):
>
> acl_check_helo:
> accept hosts = : +relay_from_hosts
>
> deny message = Give me your name, not an IP address
> condition = ${if isip {$sender_helo_name}{yes}{no}}
>
> deny message = Go away, impostor!
> condition = ${if eq
> {$sender_helo_name}{$primary_hostname}{yes}{no}}
>
>
> However, this only catches the primary host name (in my case,
> 'net.slett.net'), not the domains for which the machine is configured
> to handle mail ('slett.net'...)
>
>
> Good? Bad? Ugly?
> I would not mind writing a patch to accomplish this, if noone else
> wants to and noone thinks it is not a good idea. (How's that for
> triple negatives? :)
I've run into exactly the same issue, but I would suggest a different
approach than introducing more and more ACL (or router or transport)
conditions:
I was wondering that there is no generic expansion condition to test
if a string is part of a list.
Expansion conditions would be much more powerful with this extension
and I guess it is not too much work to implement it.
--
Gruss / Best regards | LF.net GmbH | fon +49 711 90074-411
Matthias Waffenschmidt | Ruppmannstr. 27 | fax +49 711 90074-33
mw@??? | D-70565 Stuttgart | http://www.lf.net
