Re: [exim] lsearch expression for check_helo ACL?

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Tabor J. Wells
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] lsearch expression for check_helo ACL?
On Wed, Dec 29, 2004 at 04:43:54PM +0100,
Christian Schmidt <christian@???> is thought to have said:

> begin acl
>
> check_helo:
>   # If remote host greets with an IP address, reject connection:
>   deny    message = REJECTED - Bad HELO - IP address not allowed ($sender_helo_name).
>         condition = ${if isip {$sender_helo_name}{true}{false}}

>
>   # Deny if the HELO pretends to be this host:
>   deny    message = You pretend to be $sender_helo_name, but that's me.
>         condition = ${if or { \
>                 {eq {${lc:$sender_helo_name}}{server.linau.de}} \
>             {eq    {${lc:$sender_helo_name}}{www.linau.de}} \
>             {eq {${lc:$sender_helo_name}}{localhost}}}{true}{false}}
>   # Otherwise accept connection:
>   accept

>
> As have listed all local domain names in a file using
> domainlist local_domains = /etc/exim4/domainfiles/local-domains.txt
> I'm wondering how to include either the local_domains variable or the
> local-domains.txt file in my condition expression.
> I've already tried constructing an expression using "lsearch", but
> unfortunately, I'm not yet familiar enough with the corresponding
> syntax.


Personally I recommend moving this sort of check out of the helo acl and
into rcpt. Just because some brokenware will take an error in response to
helo as grounds to immediately retry.

As far as your lookup goes just do something like:

  # And from systems which give banned HELO
  deny    hosts     = !+relay_from_hosts
          condition = ${lookup{${lc:$sender_helo_name}} dbm {/etc/exim/db/heloreject.db} {yes} {no}}
          log_message = SPAMFILTER: $sender_host_address sent banned HELO: $sender_helo_name
          message = Go away


my helorejects.db contains things like domains I MX for, IP addresses of my
MXes, random other things I know to be invalid helo values, etc.

Tabor

-- 
--------------------------------------------------------------------
Tabor J. Wells                                     twells@???
Fsck It!                 Just another victim of the ambient morality