Re: [exim] Please sanity-check my ACLs outline

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Dave Pooser at <-
MMPeter Bowyer at ->
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Please sanity-check my ACLs outline
Dave Pooser wrote:

>>>- [ ] acl_data
>>>- [ ] accept if local part is postmaster and/or blacklist admin
>>>and/or abuse
>>>- [ ] scan with ClamAV
>>
>>Recipient address is not available in DATA ACL, i.e. you can't
>>selectively pass or reject recipients in the ACL.
>
>
> Okay, can I set an ACL variable if the recipient is postmaster in the
> acl_rcpt_to ACL and then reference that variable in the DATA ACL? Or does it
> just make more sense to use the SpamAssassin all_spam_to directive?

Yes - you may use a 'warn' verb to carry the test and variable if it doesn't fit
an existing acl clause.

FWIW, you may wish to handle 'hostmaster' and 'abuse' the same way as
'postmaster' (optionally 'webmaster' as well), *and* allow domain_literals
(postmaster@<IP>) on (only) those addresses.

This because your <domain>.<tld> registrar or upstream ISP might need to reach
you 'regardless'. Think DNS failure or service suspension.

The acl variable would probably be 'lighter weight' than SA as far as resource
load, and arguably more focused for the specific purpose w/r keeping track of
what you are doing.

HTH,

Bill




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Easy UpgradesRe: [exim] Easy Upgrades->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)