Re: [exim] Looking for Mail::SPF (2.002) Exim acl example

Startseite
Diese Nachricht ist Teil des folgenden Threads:
M-+\Der komplette Thread sortiert nach Datum
M.MMDan_Mitton am <-
M\Marc Sherman am ->
Nachricht löschen
Nachricht beantworten
Autor: Craig Whitmore
Datum:  
To: Dan_Mitton
CC: exim-users
Betreff: Re: [exim] Looking for Mail::SPF (2.002) Exim acl example
> The older Mail::SPF::Query perl module also included a simple Exim acl
> example, the newer Mail::SPF does not. Does someone have an example acl
> that might include checking at the HELO, MAIL commands in addition to RCPT
> and DATA commands.
>

You can use the same settings but change a few of the keywords (you can use
the old ones as they aere backwards compatible). If you are familiar with
exim you should be able to add this stuff in..

run at startup: (I'm running Debian)

/usr/sbin/spfd -s /tmp/spfd --socket-user Debian-exim --socket-group
mail --socket-perms 777 -set-user Debian-exim --set-group mail & 

exim config things to add..
-------------
acl_smtp_mail                    = acl_check_mail
acl_smtp_rcpt                    = acl_check_rcpt
acl_smtp_data                    = acl_check_data


acl_check_mail: 

  deny !acl         = spf_rcpt_acl
          !senders     = : postmaster@*
          hosts        = !+relay_from_hosts


spf_rcpt_acl: 

  warn  set acl_m8  = $sender_address
  deny  !acl        = spf_check
  warn  message     = :at_start:Received-SPF: $acl_m8 ($acl_m7)


accept

spf_from_acl: 

  warn  set acl_m8  = ${address:$h_from:}
  deny  !acl        = spf_check
  warn  message     = :at_start:Received-SPF: $acl_m8 ($acl_m7)
        log_message = "SPF Status = $acl_m8"
  accept



spf_check: 

    warn     set acl_m9  = ${readsocket{/tmp/spfd}\
                           {ip_address=$sender_host_address\n\
                           helo_identity=$sender_helo_name\n\
                           scope=mfrom\n\
                           identity=$acl_m8\n\n}{60s}{\n}{socket failure}}


    warn    condition    = ${if eq{$acl_m9}{socket failure}{yes}{no}}
             message     = Cannot connect to spfd
             log_message = Error with SPFD


    warn     set acl_m9  = ${sg{$acl_m9}{\N=(.*)\n\N}{=\"\$1\" }}
             set acl_m8  = ${extract{result}{$acl_m9}{$value}{unknown}}
             set acl_m7  = ${extract{local_explanation}{$acl_m9}{$value}{}}


    deny     condition   = ${if eq{$acl_m8}{fail}{yes}{no}}
             message     =
${extract{authority_explanation}{$acl_m9}{$value}{}}
             log_message =
${extract{authority_explanation}{$acl_m9}{$value}{}}


    deny     condition   = ${if eq{$acl_m8}{unknown}{yes}{no}}
             message     =
${extract{authority_explanation}{$acl_m9}{$value}{}}
             log_message =
${extract{authority_explanation}{$acl_m9}{$value}{}}


    warn     condition   = ${if eq{$acl_m8}{softfail}{yes}{no}}
            log_message  = Softfail of SPF.


accept

acl_check_data: 

  deny senders = :
       !acl = spf_from_acl


---------------



Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
Exim-users
Mailing-List-Info | Nachrichten um die Zeit		<-Re: [exim] Looking for Mail::SPF (2.002) Exim acl exampleRe: [exim] Looking for Mail::SPF (2.002) Exim acl example->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)