Re: [exim] Abuse Bypassing SA when in To or CC

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Magnus Holmgren
Data:  
Para: exim-users
Asunto: Re: [exim] Abuse Bypassing SA when in To or CC
On tisdagen den 22 januari 2008, Gaurav Pruthi wrote:
> How can i modify this acl to run SA in case it has more recepient other
> than abuse, postmaster or MAILER-DAEMON.


I use an ACL variable rather than adding a header that can be spoofed.

  accept  local_parts = postmaster : abuse
  deny    message = Client host [$sender_host_address] is listed in \ 
                    $dnslist_domain ($dnslist_text)
          dnslists = zen.spamhaus.org : list.dsbl.org : dnsbl.njabl.org
  accept  set acl_m0 = canreject


For the case where SA isn't supposed to run at all, I set acl_m0 to "noscan".
Then in sa-exim.conf I have

SAEximRunCond: ${if !eq {$acl_m0}{noscan}}
SAEximRejCond: ${if eq{$acl_m0}{canreject}}

You can see these as examples in sa-exim.conf if you're running Debian.

-- 
Magnus Holmgren        holmgren@???
                       (No Cc of list mail needed, thanks)


"Exim is better at being younger, whereas sendmail is better for
Scrabble (50 point bonus for clearing your rack)" -- Dave Evans