RE: [Exim] Feature request: 'sender_helo_name' ACL condition

Top Page
Delete this message
Reply to this message
Author: Rick Cooper
Date:  
To: exim-users
Subject: RE: [Exim] Feature request: 'sender_helo_name' ACL condition

> -----Original Message-----
> From: exim-users-admin@???
> [mailto:exim-users-admin@exim.org]On
> Behalf Of Matthias Waffenschmidt
> Sent: Tuesday, March 09, 2004 4:55 AM
> To: Tor Slettnes
> Cc: exim-users@???
> Subject: Re: [Exim] Feature request:
> 'sender_helo_name' ACL condition
>
>
> Hi,
>
> On Fri, Mar 05, 2004 at 09:54:06AM -0800, Tor Slettnes wrote:
> > --
> > How about adding the following ACL condition:
> >      sender_helo_name = <domain list>

> >
> >
> > That way, you could add something like the following
> in an ACL:
> >
> >      acl_check_helo:
> >           accept hosts = : +relay_from_hosts

> >
> >           deny message = Do not pretend to be me, impostor!
> >               sender_helo_name = +local_domains

> >
> >
> > Currently, one can do the following (as I do):
> >
> >      acl_check_helo:
> >           accept hosts  = : +relay_from_hosts

> >
> >           deny message  = Give me your name, not an
> IP address
> >               condition = ${if isip
> {$sender_helo_name}{yes}{no}}

> >
> >           deny message  = Go away, impostor!
> >               condition = ${if eq
> > {$sender_helo_name}{$primary_hostname}{yes}{no}}

> >
> >
> > However, this only catches the primary host name (in my case,
> > 'net.slett.net'), not the domains for which the
> machine is configured
> > to handle mail ('slett.net'...)

Sorry I missed the original post

change your eq $sender_helo_name to:
{match{${lc:$sender_helo_name}}{slett.net}} and if you have more
than one domain you are handling change the slett net to an
expansion (file, lsearch, named list, etc) that contains the
domains you want to test for. The matches statement would match
on evil.slett.net, me.slett.net, etc


> >
> >
> > Good? Bad? Ugly?
> > I would not mind writing a patch to accomplish this,
> if noone else
> > wants to and noone thinks it is not a good idea.
> (How's that for
> > triple negatives? :)
>
> I've run into exactly the same issue, but I would
> suggest a different
> approach than introducing more and more ACL (or router
> or transport)
> conditions:
>
> I was wondering that there is no generic expansion
> condition to test
> if a string is part of a list.
>
> Expansion conditions would be much more powerful with
> this extension
> and I guess it is not too much work to implement it.
>
> --
> Gruss / Best regards   |  LF.net GmbH        |  fon
> +49 711 90074-411
> Matthias Waffenschmidt |  Ruppmannstr. 27    |  fax
> +49 711 90074-33
> mw@???              |  D-70565 Stuttgart  |
> http://www.lf.net

>
> --
>
> ## List details at
> http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>