Re: [exim] ACL Question

Top Page
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: Exim, Users
Subject: Re: [exim] ACL Question
On 16/10/06, Mike <cbrmike@???> wrote:
> Would it be better to do HELO checks in acl_smtp_helo, sender checks in
> acl_smtp_mail, setting a variable in each check indicating pass/fail for
> rejection later in the acl_smtp_rcpt check per-recipient (thus only doing
> the check once), or with various caching, is it just as well to put all
> HELO/MAIL checks in the rcpt acl?


As a general rule: collect data points as soon as they're available,
and implement defensive tactics as soon as you're sure you need them.

So.. this might mean setting a (or some) flags based on HELO
verification, rejecting based on gross transgressions, but use the
flags later in the RCPT acl for finer granularity.

You might want/need to accept mail to postmaster and/or abuse
addresses from most/all clients, for example. Apocryphally, some MTAs
and some spamware are known to misbehave when 5xx'd at HELO time,
could be best to save up the 'deny' until the RCPTs.

Peter



--
Peter Bowyer
Email: peter@???