> -----Original Message-----
> From: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org]On
> Behalf Of Troy Settle
> Sent: Wednesday, July 20, 2005 9:09 AM
> To: peter@???
> Cc: exim-users@???
> Subject: Re: [exim] anti-spoof acl rules
>
>
>
>
> Peter Bowyer wrote:
> > On 20/07/05, Troy Settle <troy@???> wrote:
> >
> >>After long last, I'm finally fed up with the spoofed emails from
> >>addresses such as:
> >>
> >> admin@
> >> support@
> >> info@
> >> staff@
> >>
> >>I successfully blocked these by adding the following to my configure:
> >>
> >> deny senders = admin@???:info@???
> >> message = Spoofers not welcome here!
> >>
> >>However, I need a rule that will wildcard in all local domains, but also
> >>allow for a whitelist:
> >>
> >> allow senders = admin@???
> >> deny senders = admin
> >> domains = +local_domains
> >> message = Spoofers not welcome here!
> >>
> >>But, with this, Exim refuses to run.
> >
> >
> > Oooh good, my favourite rant :-)
> >
> > What form does this 'refusal to run' take?
> >
> > If you go looking in the Exim logs, there's a very good chance you'll
> > find a clue as to what you've done wrong. Even if it doesn't help you,
> > posting the log messages here will almost certainly help us to help
> > you.
> >
> > (This is meant to be constructive, even if it doesn't seem like it)
> >
> > Peter
>
>
> Here's the error:
>
> error in ACL: unknown ACL condition/modifier in "allow senders
> = admin@???"
>
> DUH!! accept maybe? Let's ignore this part for now though, first I
> want to figure out how to block these role accounts:
>
> deny senders = admin
> domains = +local_domains
>
> It didn't block anything, so I tried this as well:
>
> deny senders = admin@*
> domains = +local_domains
>
> It blocked external domains as well as locals.
>
the domains = +local_domains relates to recipient domains not the sender
domain
if the domain part of admin local is different than the domain part of admin
external then deny senders = admin@local
.
now if you are trying to use the sender domain in a list then you should use
sender_domains =
so
deny senders = admin@*
sender_domains = +local_domains
might??? do what you want, if I understand your question.
Rick
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.