Re: [exim] Sender verification

Top Page
This message is part of the following thread:
M+\the complete thread tree sorted by date
MMMW B Hacker at <-
.MAndrew - Supernews at ->
Delete this message
Reply to this message
Author: Renaud Allard
Date:  
To: erwin.ambrosch, exim-users
Subject: Re: [exim] Sender verification
Aren't you sending from a $sender_address which is in the whitelist?
Using this ACL:
    # Whitelist on mailbox level
    accept
           message   = Sender $sender_address is in local Whitelist
           condition = ${if !eq {}{${lookup pgsql {SQL_WHITELIST}}}}


You may also have the check disabled in you pgsql in the condition statememt
          condition = ${if eq {t}{${lookup pgsql {SQL_VERIFY_SENDER}}}}


Erwin Ambrosch|XHOSTPLUS wrote:
> Hi,
>
> here my ACLs. I do not send from localhost to test this issue.
>
> begin acl
>
> # ACL that is used after the RCPT command
> check_recipient:
> 
>     accept
>            hosts  = 127.0.0.1/24

> 
>     # Whitelist on mailbox level
>     accept
>            message   = Sender $sender_address is in local Whitelist
>            condition = ${if !eq {}{${lookup pgsql {SQL_WHITELIST}}}}

> 
>     # Blacklist on mailbox level
>     deny
>             message   = Sender $sender_address is in local Blacklist
>             condition = ${if !eq {}{${lookup pgsql {SQL_BLACKLIST}}}}

> 
>     deny    local_parts   = ^.*[@%!/|]

> 
>     # If user defiend just verifying the domain
>     deny !verify   = sender
>          condition = ${if eq {t}{${lookup pgsql
> {SQL_VERIFY_SENDER_DOMAIN}}}}

> 
>     # If user defiend verifying the whole address
>     deny !verify   = sender/callout=15s
>          condition = ${if eq {t}{${lookup pgsql {SQL_VERIFY_SENDER}}}}

> 
>     accept  domains       = +local_domains
>             endpass
>             # Otherwise the RCPT TO command alway retuns "250 Accepted"
>             # because the verify condition just works with files.
>             # If not checking this, mails which can not be sent back to
> the sender
>             # remain in the queue until the retry time is passed.
>             condition     = ${if eq {}{${lookup pgsql
> {SQL_Q_ACL_MAIL_BOX}}}{no}{yes}}
>             message       = unknown user
>             # Verifing the recipient is no longer neccessary, because
>             # we are using the condition constraint.
>             #verify        = recipient

> 
>     accept  authenticated = *

> 
>     deny    message       = relay not permitted
>             log_message   = relay not permitted

> 
> # ACL that is used after the DATA command
>   check_message:
>     accept  authenticated = *
>     accept

>
>
> Thanks for helping me!
>
> Regards
> Erwin
>
>
> Renaud Allard schrieb:
>>
>> Erwin Ambrosch|XHOSTPLUS wrote:
>>> Hi All,
>>>
>>> I've exim4 configured to do a verify = sender/callout=15s and it
>>> works for sender which domain is not in the list of local_domains. If
>>> an E-Mail is sent with the domain_part existing in the local_domains,
>>> it exim4 doesn't perform the sender/callout verification.
>>>
>>> Here my ACLS effected by this issue:
>>>
>>> deny !verify = sender/callout=15s
>>>
>>> accept  domains = +local_domains
>>>          endpass
>>>          verify = recipient

>>>
>>
>> The order of the ACLs is very important. Are you sure you aren't sending
>> mail from an IP accepted in a former ACL? You should send your full
>> config (at least the ACL part) for us to help you efficiently.
>>
>

--
010100100110010101101110011000010111010101100100
010000010110110001101100011000010111001001100100
This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] truncated messages with mailmanRe: [exim] Exim + SRS->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)