On Sun, July 24, 2005 18:27, Fred Viles said:
>
> deny message = Spoofed server name detected
> !hosts = +relay_from_hosts
> !authenticated = *
> condition = ${if or { \
> {match {${lc:$sender_helo_name}} {epitools\.com}} \
> {match {${lc:$sender_helo_name}} {episupport\.com}} \
> {match {${lc:$sender_helo_name}} {embeddedperformance\.com}} \
>
No, this too is not correct. The 'match' expands the second argument and
then treats it as a regular expression. From the manual:
The two substrings are first expanded. The second is then treated as a
regular expression and applied to the first. Because of the
pre-expansion, if the regular expression contains dollar, or backslash
characters, they must be escaped.
As such the '\.' becomes just a '.' after expansion. In a regular
expression a '.' is 'any character'. As such your first 'match' would
match, for example, 'epitoolsxcom'.
The easiest solution is to use the '\N' feature to disable expansion:
{match {${lc:$sender_helo_name}} {\Nepitools\.com\N}}
John.
--
---------------------------------------------------------------
John Horne, University of Plymouth, UK Tel: +44 (0)1752 233914
E-mail: John.Horne@??? Fax: +44 (0)1752 233839
