On Mon, 27 Jun 2005 11:42:14 -0400
"Slawomir Orlowski \(CYMPAK\)" <sorlowski@???> wrote:
> 1) Having below configuration:
> acl_smtp_helo = acl_check_helo
> begin acl
> acl_check_helo:
> verify helo
> I would receive only e-mail from host whose HELO could be verified
> (Am I correct)?
Not quite, you want something like:
acl_check_helo:
# this is a fairly strict check
deny !verify = helo
accept
> But I would like to be able to verify HELO's from all host except
> some host kept in file.
> How to do that ?
acl_check_helo:
# this is a fairly strict check
deny !hosts = /path/to/file
!verify = helo
accept
where /path/to/file contains a list of hosts.
> 2) I would like to reject e-mail from some domains, IP's(would like
> to have the list in file),
> How and where to do that (acl_smtp_rctp or acl_smtp_connect) ?
Up to you. I would say that acl_smtp_rcpt is better, since it allows
you to accept mails to postmaster/abuse from the domains whilst
rejecting everything else (so that the people you are blocking can
contact you if they think you have made a mistake).
I would therefore put the check in the RCPT ACL, somewhere after the
"accept local_parts = postmaster....":
A simple example is:
deny message = Your domain is blacklisted locally
sender_domains = /path/to/blacklisted_domains
where /path/to/blacklisted domains contains something like:
...
somedomain.example.com
otherdomain.example.net
...
Tim
