Author: Jan Kapellen Date: To: exim-users Subject: [exim] deny smtp connection
Hi we're are using exim as mta for our internal company mailserver. In
last times we recieve many worm-mails from one special adress in a
dial-in-pool.
As usual in standart exim config, we we're till now only checking
recipient via acl and some additional blacklists.
But now i have to write an acl on smtp_connect or smtp_helo. for now
i've tried with:
[...]
acl_smtp_helo = acl_check_helo
[...]
acl_check_helo:
accept hosts = *
deny hosts = *.some.pppool.tld
[eof]
unfortunately this doesn't work, as i expected, because messages are
still coming in from this host (someuser.some.pppool.tld).
For now i am trying same with "acl_smtp_connect" instead of
"acl_smtp_helo" maybe this can work.
the goal is to not even make connections to this infected dial-in user.
can you give me a hint ?