[exim] ACL_CHECK_RCPT

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Grant Peel
Data:  
Para: exim-users
Asunto: [exim] ACL_CHECK_RCPT
Hi all,

Just reviewing my configure file.

If anyone has the time, could you please review the order, I am still tring to get my head tightly wrapped ouround the verbs, and thier required order.
(when a mail is rejected, accepted ....), i.e. when processing of the stops and the mail is accepted or rejected.

TIA,

-Grant

acl_check_rcpt:
        accept  hosts           = :
        deny    message         = rejected because $sender_host_address was \
                                found in our blacklist
                hosts           = +blacklisted_domains
                log_message     = BLACKLISTED domain found in $blacklisted_domains
        deny    senders         = :
                dnslists        = ips.backscatterer.org
        message                 = This message looks like a bounce, and your server is listed at \
                                ips.backscatterer.org, so I assume that this is "backscatter". \
                                Please configure your mail server to not send "backscatter spam". \
                                For advice, try http://www.dontbouncespam.org/
                                log_message = BACKSCATTER - INCOMING
        deny    local_parts     = ^.*[@%!/|] : ^\\.
        deny    senders         = :
                condition       = ${if ! eq{$recipients_count}{1}{1}}
                message         = Bounces must have only a single recipient
                log_message     = BACKSCATTER - MULTIPLE RECIPIENT
        warn set acl_m2         = ${lookup mysql{GREYLIST_TEST}{$value}{0}}
        defer   ! hosts         = +whitelist
                ! hosts         = +relay_from_hosts
                ! authenticated = *
                condition       = ${if eq{$acl_m2}{0}{yes}}
                condition       = ${lookup mysql{GREYLIST_ADD}{yes}{no}}
                message         = Now greylisted - please try again in 1 minute.
                log_message     = ADDING TO GREYLIST
        defer   ! hosts         = +whitelist
                ! hosts         = +relay_from_hosts
                ! authenticated = *
                condition       = ${if eq{$acl_m2}{1}{yes}}
                message         = Still greylisted - please try again in 1 minute.
                log_message     = STILL GREYLISTED
        defer
                ! hosts         = +whitelist
                ! hosts         = +relay_from_hosts
                ! authenticated = *
                condition       = ${lookup mysql{GREYLIST_UPDATE}{no}{no}}
                message         = Greylist update failed
                log_message     = GREYLIST UPDATE FAILED
        require verify          = sender
        accept  hosts           = +spf_bypass
                spf             = fail
                logwrite        = SPF - REFLEXION $sender_host_address is OK for \
                                $sender_address_domain
        deny    message         = SPF - INCOMING $sender_host_address \
                                is not allowed to send mail from $sender_address_domain
                spf             = fail
        accept  domains         = +local_domains
                condition       = ${if eq{$acl_m2}{0}{yes}}
                condition       = ${lookup mysql{GREYLIST_ADD}{yes}{no}}
                message         = Now greylisted - please try again in 1 minute.
                log_message     = ADDING TO GREYLIST
        defer   ! hosts         = +whitelist
                ! hosts         = +relay_from_hosts
                ! authenticated = *
                condition       = ${if eq{$acl_m2}{1}{yes}}
                message         = Still greylisted - please try again in 1 minute.
                log_message     = STILL GREYLISTED
        defer
                ! hosts         = +whitelist
                ! hosts         = +relay_from_hosts
                ! authenticated = *
                condition       = ${lookup mysql{GREYLIST_UPDATE}{no}{no}}
                message         = Greylist update failed
                log_message     = GREYLIST UPDATE FAILED
        require verify          = sender
        accept  hosts           = +spf_bypass
                spf             = fail
                logwrite        = SPF - REFLEXION $sender_host_address is OK for \
                                $sender_address_domain
        deny    message         = SPF - INCOMING $sender_host_address \
                                is not allowed to send mail from $sender_address_domain
                spf             = fail
        accept  domains         = +local_domains
                endpass
                message         = unknown user
                verify          = recipient
        accept  domains         = +relay_to_domains
                endpass
                message         = unrouteable address
                verify          = recipient
        accept  hosts           = +relay_from_hosts
        accept  authenticated   = *From jmc@??? Thu Jan 29 10:18:38 2009
Envelope-to: exim-users@???
Received: from ruby.xisl.com ([62.253.222.12]:52176)
    by tahini.csx.cam.ac.uk with esmtp (Exim 4.69)
    (envelope-from <jmc@???>) id 1LSTyh-0005ed-L6
    for exim-users@???; Thu, 29 Jan 2009 10:18:38 +0000
Received: from ruby.xisl.com (localhost [127.0.0.1])
    by ruby.xisl.com (8.13.8/8.13.8) with ESMTP id n0TAIVNS011097
    for <exim-users@???>; Thu, 29 Jan 2009 10:18:31 GMT
Received: (from jmc@localhost)
    by ruby.xisl.com (8.13.8/8.13.8/Submit) id n0TAIVpX011094
    for exim-users@???; Thu, 29 Jan 2009 10:18:31 GMT
X-Authentication-Warning: ruby.xisl.com: jmc set sender to jmc@??? using
    -f
From: John M Collins <jmc@???>
To: exim-users <exim-users@???>
Organization: Xi Software Ltd
Date: Thu, 29 Jan 2009 10:18:31 +0000
Message-Id: <1233224311.31416.366.camel@ruby>
Mime-Version: 1.0
X-Mailer: Evolution 2.8.0-1mdv2007.0
X-Spam-Score: -1.7 (-)
X-Spam-Status: No, scoreÑ.7 required~0 tests÷L.045, BAYES_00Ñ.5,
    EXIM_ACLÑ.2, HTML_30_40.374,
    HTML_MESSAGE.6 autolearnŠm version^1.8
X-Mailman-Approved-At: Fri, 30 Jan 2009 08:45:18 +0000
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.9
Subject: [exim] Question about ACL condition syntax with "and" and "or"
X-BeenThere: exim-users@???
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: A user list for the exim MTA <exim-users.exim.org>
List-Unsubscribe: <http://lists.exim.org/mailman/listinfo/exim-users>,
    <mailto:exim-users-request@exim.org?subject¾subscribe>
List-Archive: <http://lists.exim.org/lurker/list/exim-users.html>
List-Post: <mailto:exim-users@exim.org>
List-Help: <mailto:exim-users-request@exim.org?subjectŽlp>
List-Subscribe: <http://lists.exim.org/mailman/listinfo/exim-users>,
    <mailto:exim-users-request@exim.org?subject¥bscribe>
X-List-Received-Date: Thu, 29 Jan 2009 10:18:38 -0000


Please CC me on jmc AT XISL DOT com as I'm not subscribed

Having the limit on spamassassin scan sizes means that I get spam with
huge pictures, however nearly all of it is sent to domain names which we
host for certain websites but we don't ever take mail for.

So I'd like to reject mail over a certain size if it doesn't have a
"To:" line in the header or if it does but it goes to a domain which we
host but don't usually take mail for.

I'm struggling to get the syntax for this right.

Currently I've got (splitting over several lines without \s)


deny condition ${if and {
                            {>Ômessage_size}{100000}}}
                {or {
                    {!def:h_To: {1}}
                    {${lookup{$h_To:} nwildlsearch{CONFDIR/Rare-domains}{1}}
                 }
                }
              }
           }
   message   Your message to $h_To: (not used for email) is too large and is rejected



But Exim objects: invalid "condition" value " {1}}}}"

Please someone advise me how to write this.

I also want to do something similar with the spamassassin score test so
that it rejects the message as spam on 1.0 points rather than 10.0
points if there's no To: line or it's in the file of "rare domains" and
that is more complicated as it has to be

reject if score > 10.0 OR (score > 1.0 AND (no To: line OR in
Rare-domains file))

Thanks.


John Collins Xi Software Ltd www.xisl.com