Christopher Meadors wrote: > Marc Perkel wrote:
>
>> In addition to all the standard ACLs I'd like to suggest a headers acl
>> that would run at the blank line between the headers and the message.
>> That way I can take action without having to wait for all the data to be
>> transfered.
>>
> What action would you be taking? No client will accept a response at
> that point. So only two of the ACL verbs would be valid, "accept" to
> keep on going and "drop", to just disconnect the sender. Dropping
> malware connections may be OK, but if there is a chance that the other
> end is a real mail server it would amount to confusion as to why the
> connection went away without any sort of error message. The "drop" verb
> does still offer an error line before closing the connection; that
> wouldn't be possible here.
>
> If you notice all the ACLs are triggered by the SMTP conversation. They
> allow the admin to tailor Exim's responses when it is time to give a
> reply to the sender. There is nothing for the server to do during the
> DATA portion except sit and listen.
>
>