[Exim] Another attempt at acl_smtp_helo (comments, please)

Góra strony
Delete this message
Reply to this message
Autor: Toralf Lund
Data:  
Dla: Exim Mailing List
Temat: [Exim] Another attempt at acl_smtp_helo (comments, please)
What do you people think about my following (early) attempt at a HELO check?

helo_try_verify_hosts = !127.0.0.1 : \N!^(.*\.|)(DOMAINS)$\N
[ ... ]
acl_smtp_helo = check_helo
[ ... ]
check_helo:
  accept verify = helo
  deny condition = ${if eq{$sender_helo_name}{}{yes}{no}}
       message = RFCs mandate HELO/EHLO before mail can be sent
  deny condition = ${if match
{${lc:$sender_helo_name}}{\N^(.*\.|)(DOMAINS)$\N}{1}{0}}
       message   = Do not pretend to be me, impostor!
  warn message = X-Warning: Message sent with invalid HELO/EHLO
($sender_host [$sender_host_address] presented itself as $sender_helo_name)
  accept


The idea is to combine the built-in check with an ACL in order to
"relax" the check a bit with respect to what connections are denied, but
give warning for everything that's not valid. Whether or not this will
work depends on the order of operations...

DOMAINS is a '|'-separated (regexp format) list of all the local domains.

- Toralf