Re: [exim] omit sender verification to certain IPs - possibl…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Heiko Schlittermann
Data:  
Para: exim-users
Asunto: Re: [exim] omit sender verification to certain IPs - possible?
Torsten Luettgert <t.luettgert@???> (Di 21 Apr 2009 18:29:05 CEST):
> Hello all,
>
> we've been using sender verification callouts for a while now,
> and it still kills a lot of spam.
>
> But alas, in these modern times, there are honeypot addresses
> which sometimes appear as sender addresses in spam and cause our
> box to be blacklisted because it tries to verify the address.
> This is mainly uceprotect. I won't comment on them here.
>
> Ok, now here's the question after all this build-up: can I skip
> sender verification for certain IP addresses? I can of course
> filter by the IP of the sending host, but that's not what I want -
> I want to skip the verify if the target is one of those honeypot
> addresses.


It depends on your ACL configuration. Always you can emply the
$sender_host_address variable. Or you can use the 'hosts = ..' ACL item.


    # "sub"-ACL
    acl_sender_verify:


        accept hosts   = <LIST OF SENDER IPs YOU WANT TO SKIP>
        accept verify  = sender/callout
        deny   message = sender verification failed


    # the "normal" RCPT-ACL
    acl_check_rcpt:
        ...


        require acl = acl_sender_verify


I'm sure there is a more elegant solution, but this is, what just now
comes into my mind.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -