Re: [Exim] acl to reject clients

Góra strony
Delete this message
Reply to this message
Autor: Odhiambo G. Washington
Data:  
Dla: exim-users
CC: tnuro
Temat: Re: [Exim] acl to reject clients
* TN <tnuro@???> [20040609 10:33]: wrote:
> Hi,
>
> I have been asked by a firm for whom I installed exim for to block
> certain email clients from being used when sending email. They want this
> for license compliance to force their staff to stop using clients for
> which they don't own licenses (ie. outlook, lotus notes etc). I
> suggested that they just enforce it, but staff tend to install whatever
> they feel like without the management's knowledge (they don't have an
> admin, I'm it and only ask me to do work irregularly, so I have no
> control either)
>
>
> Is this possible, and how is this done ? I presume its possible by
> inspecting the User-Agent but I don't think outlook express sends this,
> and I imagine they would still like their staff to use OE.


Hi TN,


It is doable, and almost trivial thing to do. OE sends the user agent
string, I see it always. I feel nothing for them if this doesn't quite
work (because we are in a Free world). So just tell them decide the
version of OE everyone must use. Ask them to send you a test mail from
it (preferably let a few of them send) and they compare the user agent
string from all of them and verify it's uniform.
NB: It might change if they run Windows update automatically!!

In the Exim system filter (isn't Exim so flexible?) craft the evil rule
like so (I hope you make the sense out of this):

!!Beware line wraps!!!

# This evil rule should only run if the mail is from their domain and
# the sending host is within their subnet

if $sender_address_domain is their-domain.com and ${mask:$sender_host_address/XX} is a.b.c.d/XX
   and $header_X-Mailer does not match "Microsoft Outlook Express X.XX.XXXX.XXXX" then
   logfile /var/log/exim/banned-mailers.log
   logwrite "$tod_log Reason: (EVIL_MAILER_RULE was Matched)\n\Message-id: $message_id (Banned Mailer)\n\
             BANNED Mailer Agent: $header_X-Mailer\n\Subject: $header_subject\n\Recipients: $recipients\n\
             Return path: $return_path\n\
------------------------------------------------------------------------------"
   fail text "You are using a mailer program, $header_X-Mailer BANNED by ORG Policy 123."
endif



Hope that helps. How is OZ? I dream of travelling there one day ;)



        cheers
       - wash
+----------------------------------+-----------------------------------------+
Odhiambo Washington                     . WANANCHI ONLINE LTD (Nairobi, KE)  |
<wash at wananchi dot com>              . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223                 . # 10286, 00100 NAIROBI             |
GSM: (+254) 733 744 121                 . (+254) 020 313 985 - 9             |
+---------------------------------+------------------------------------------+
"Oh My God! They killed init! You Bastards!"
                         --from a /. post