Re: [exim] lsearch expression for check_helo ACL?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Christian Schmidt
Date:  
À: exim-users
Sujet: Re: [exim] lsearch expression for check_helo ACL?
Hello Tabor,

happy new year to all of you!!

Tabor J. Wells, 29.12.2004 (d.m.y):

> On Wed, Dec 29, 2004 at 04:43:54PM +0100,
> Christian Schmidt <christian@???> is thought to have said:
>
> > begin acl
> >
> > check_helo:
> >   # If remote host greets with an IP address, reject connection:
> >   deny    message = REJECTED - Bad HELO - IP address not allowed ($sender_helo_name).
> >         condition = ${if isip {$sender_helo_name}{true}{false}}

> >
> >   # Deny if the HELO pretends to be this host:
> >   deny    message = You pretend to be $sender_helo_name, but that's me.
> >         condition = ${if or { \
> >                 {eq {${lc:$sender_helo_name}}{server.linau.de}} \
> >             {eq    {${lc:$sender_helo_name}}{www.linau.de}} \
> >             {eq {${lc:$sender_helo_name}}{localhost}}}{true}{false}}
> >   # Otherwise accept connection:
> >   accept

[How to reduce this to a single line using lsearch]
> Personally I recommend moving this sort of check out of the helo acl and
> into rcpt. Just because some brokenware will take an error in response to
> helo as grounds to immediately retry.


OK, I'll keep that in mind...

> As far as your lookup goes just do something like:
>
>   # And from systems which give banned HELO
>   deny    hosts     = !+relay_from_hosts
>           condition = ${lookup{${lc:$sender_helo_name}} 
>                    dbm {/etc/exim/db/heloreject.db} {yes} {no}}
>           log_message = SPAMFILTER: $sender_host_address sent banned \
>               HELO: $sender_helo_name
>           message = Go away

>
> my helorejects.db contains things like domains I MX for, IP addresses of my
> MXes, random other things I know to be invalid helo values, etc.


I'll give it a try.

Regards & Thanks,
Christian Schmidt
-- 
Nur wenige Führungskräfte sehen ein, daß sie letztendlich nur eine
Person führen müssen. Diese Person sind sie selbst.
        -- Peter Drucker