Re: [exim] Applying Blacklists to EVERY IP in Reveived heade…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Mike Cardwell
Datum:  
To: Exim Mailing List
Neue Treads: [exim] forall - forany - map - filter, [exim] Latest expansion operators
Betreff: Re: [exim] Applying Blacklists to EVERY IP in Reveived headers - working !!!!
* on the Thu, Jun 07, 2007 at 11:59:13AM -0400, Dean Brooks wrote:

>>> I think you are right. How can we work around that? Can we check all IP
>>> addresses EXCEPT the last one?
>> And if the last address is my RFC1918 address connecting to my mail server
>> inside my network before relaying via a smarthost? So now you exempt the
>> last two addresses...
> This example is specifically why this cannot easily, if at all, be
> done within an ACL. You would need to walk up the list of received
> headers to find the first real address before making an evaluation,
> and even then, care has to be taken for any forged addresses/headers that
> may be present.


I disagree. This could all be done fairly easily in exim it's self
without having to resort to an external program. Especially using
the latest expansion operators:

${forall}
${map}
${filter}

The messy recursive acl seen earlier in this thread was only necessary
because the ${forall} function never existed when I wrote it. A much
cleaner acl would be possible now. However, I can't be arsed to
install the latest version of exim in order to get access to these
functions just to prove a point.

> This sort of intelligence is best left to readsocket{} calls or
> imbedded perl.


Those should only be used as a last resort imo.

Mike