Re: [exim] ACL Question

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMW B Hacker at <-
SeattleServer.com at ->
Delete this message
Reply to this message
Author: Peter Bowyer
Date:  
To: Exim, Users
Subject: Re: [exim] ACL Question
On 16/10/06, Mike <cbrmike@???> wrote:
> Would it be better to do HELO checks in acl_smtp_helo, sender checks in
> acl_smtp_mail, setting a variable in each check indicating pass/fail for
> rejection later in the acl_smtp_rcpt check per-recipient (thus only doing
> the check once), or with various caching, is it just as well to put all
> HELO/MAIL checks in the rcpt acl?

As a general rule: collect data points as soon as they're available,
and implement defensive tactics as soon as you're sure you need them.

So.. this might mean setting a (or some) flags based on HELO
verification, rejecting based on gross transgressions, but use the
flags later in the RCPT acl for finer granularity.

You might want/need to accept mail to postmaster and/or abuse
addresses from most/all clients, for example. Apocryphally, some MTAs
and some spamware are known to misbehave when 5xx'd at HELO time,
could be best to save up the 'deny' until the RCPTs.

Peter



--
Peter Bowyer
Email: peter@???


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] ACL QuestionRe: [exim] More on list management->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)