On Wed, Dec 29, 2004 at 04:43:54PM +0100,
Christian Schmidt <christian@???> is thought to have said:
> begin acl
>
> check_helo:
> # If remote host greets with an IP address, reject connection:
> deny message = REJECTED - Bad HELO - IP address not allowed ($sender_helo_name).
> condition = ${if isip {$sender_helo_name}{true}{false}}
>
> # Deny if the HELO pretends to be this host:
> deny message = You pretend to be $sender_helo_name, but that's me.
> condition = ${if or { \
> {eq {${lc:$sender_helo_name}}{server.linau.de}} \
> {eq {${lc:$sender_helo_name}}{www.linau.de}} \
> {eq {${lc:$sender_helo_name}}{localhost}}}{true}{false}}
> # Otherwise accept connection:
> accept
>
> As have listed all local domain names in a file using
> domainlist local_domains = /etc/exim4/domainfiles/local-domains.txt
> I'm wondering how to include either the local_domains variable or the
> local-domains.txt file in my condition expression.
> I've already tried constructing an expression using "lsearch", but
> unfortunately, I'm not yet familiar enough with the corresponding
> syntax.
Personally I recommend moving this sort of check out of the helo acl and
into rcpt. Just because some brokenware will take an error in response to
helo as grounds to immediately retry.
As far as your lookup goes just do something like:
# And from systems which give banned HELO
deny hosts = !+relay_from_hosts
condition = ${lookup{${lc:$sender_helo_name}} dbm {/etc/exim/db/heloreject.db} {yes} {no}}
log_message = SPAMFILTER: $sender_host_address sent banned HELO: $sender_helo_name
message = Go away
my helorejects.db contains things like domains I MX for, IP addresses of my
MXes, random other things I know to be invalid helo values, etc.
Tabor
--
--------------------------------------------------------------------
Tabor J. Wells twells@???
Fsck It! Just another victim of the ambient morality