On Wed, Aug 12, 2009 at 5:47 PM, Todd Lyons <tlyons@???> wrote:
> On Wed, Aug 12, 2009 at 3:27 PM, Amrahd Droflow<exim.talk@???>
> wrote:
> >
> > acl_smtp_rcpt = check_recipient
> > acl_smtp_auth = check_auth
>
> Want to see the two acl's above.
>
> > check_recipient:
> > *...snip...*
> >
> > Please let me know any ideas you have... I can post more/specific parts
> of
> > the config file too of course.
>
> Show what comes after the snip, and also show the check_auth acl.
>
> --
> Regards... Todd
>
Hi Todd,
Thanks for looking at this... here are the sections you wanted to see:
######################################################
check_recipient:
accept hosts = +whitelist
endpass
accept authenticated = *
encrypted = *
accept condition = ${if eq{$interface_port}{587}{1}{0}}
endpass
message = SMTP AUTH required for port 587
authenticated = *
accept senders = /usr/local/etc/exim/relayers
endpass
deny log_message = SPAM RBL $dnslist_domain
message = Your IP address is listed as a Dynamic IP. You cannot send
to $domain
hosts = !+relay_from_hosts
domains = blank.edu:blank.com
dnslists = dul.dnsbl.sorbs.net
deny message = Invalid address
senders = \N^\.|\.@\N
deny sender_domains = example.com
log_message = FILTER RELAY Attempted Spam Relay
deny senders = lsearch;/usr/local/etc/exim/blacklist-senders
log_message = FILTER RELAY Attempted Spam Relay
accept sender_domains = webmail.blank.com
endpass
deny message = Restricted characters in address
log_message = FILTER CHARS Restricted characters in address
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./ : ^.*[@%!/|] :
^\\.
accept local_parts = postmaster
domains = +local_domains : +relay_domains
require verify = sender
log_message = INVALID SENDER $sender_host_name
$sender_host_address
accept message = Invalid sender: $local_part@$domain :Blocked Bounce
Message
senders = :
log_message = FILTER BOUNCEBLOCK Blocked Bounce Message
endpass
verify =
recipient/callout=4m,maxwait=4m,connect=30s,use_sender
drop message = I don't take more than 20 RCPTs for $domain
domains = +local_domains : +relay_domains
log_message = FILTER RCPTLIMIT RCPT Limit Reached
condition = ${if > {$rcpt_count}{20}}
accept message = Invalid recipient: $local_part@$domain
domains = +relay_domains : +local_domains
log_message = INVRCPT DOMAIN Invalid Recipient Check - Domains
endpass
verify =
recipient/callout=4m,maxwait=4m,connect=30s/callout_defer_ok
deny message = $sender_host_address is not allowed to send mail from
$sender_address_domain
log_message = SPF BLOCK Sender $sender_host_address is not
allowed to send mail from $sender_address_domain
sender_domains = !+local_domains
spf = fail
deny message = AOL sender, but not from AOL-approved relay.
log_message = SPF BLOCK Sender $sender_host_address is not
allowed to send mail from $sender_address_domain
sender_domains = aol.com
spf = fail:neutral
accept message = Invalid recipient: $local_part@$domain
hosts = +relay_from_hosts
log_message = INVRCPT IP Invalid Recipient Check - IP
endpass
verify =
recipient/callout=4m,maxwait=4m,connect=30s,use_sender/callout_defer_ok
deny hosts = *
encrypted = *
!encrypted = DES-CBC3-SHA:IDEA-CBC-MD5:AES256-SHA
deny message = No dictionary attacks!
condition = ${if > {$rcpt_fail_count}{1} {yes}{no}}
!verify = recipient
delay = ${eval: ($rcpt_fail_count) * 60}s
log_message = SPAM DICT $rcpt_fail_count failed recipient
attempts
accept domains = +local_domains : +relay_domains
accept hosts = +relay_from_hosts
accept hosts = +auth_relay_hosts
endpass
verify = recipient/defer_ok/callout=10s/callout_defer_ok
message = authentication required
authenticated = *
encrypted = *
deny message = RELAYING NOT ALLOWED
log_message = RELAYING NOT ALLOWED
check_message:
accept condition = ${if eq {${hmac{md5}\
{blankmail}\
{$body_linecount}}}\
{$h_X-Scan-Signature:} {1}{0}}
require verify = header_syntax
require verify = header_sender
deny senders = :
message = Rejected: A valid sender is required for bounces
!verify = header_sender
deny message = This message contains a MIME error ($demime_reason)
log_message = MALWARE MIMEERR ($demime_reason)
demime = *
condition = ${if >{$demime_errorlevel}{2}{1}{0}}
deny message = This message contains an unwanted file extension
($found_extension)
log_message = MALWARE EXTENSION $found_extension
demime = ade:adp:bas:bat:chm:cmd:com:cpl:crt:eml:exe:\
hlp:hta:inf:ins:isp:jse?:lnk:mdb:mde:msc:msi:msp:mst:\
pcd:pif:reg:scr:sct:shs:url:vbs:vbe:wdf:wsh:wsc
deny message = X-VIRUS: This message contains malware ($malware_name)
log_message = MALWARE VIRUS $malware_name
condition = ${if >={$message_size}{200k}{1}{0}}
malware = *
deny message = This message matches a blacklisted regular expression
($regex_match_string)
log_message = MALWARE REGEX $regex_match_string
condition = ${if >={$message_size}{200k}{1}{0}}
regex = [Vv] *[Ii] *[Aa] *[Gg] *[Rr] *[Aa]
regex = [Vv][Ii][Aa][Gg][Rr][Aa]
regex = [Vv] *[Pp] - *[Rr] *[Xx]
regex = [Cc] *[Ii] *[Aa] *[Ll] *[Tt] *[Ii] *[Ss]
regex = [Cc][Ii][Aa][Ll][Tt][Ii][Ss]
accept log_message = Accepted: Message over 200k - $message_size
message = Accepted: Message over 200k - $message_size
condition = ${if >={$message_size}{200k}{1}{0}}
warn message = X-Spam-Flag: YES
log_message = X-Spam-Flag: YES
spam = nobody
condition = ${if >{$spam_score_int}{50}{1}{0}}
deny message = This is spam: Rejected
log_message = SPAM LIMIT $spam_score
spam = nobody
condition = ${if >{$spam_score_int}{100}{1}{0}}
warn message = X-Scan-Signature: ${hmac{md5}{blank} {$body_linecount}}
accept
check_auth:
accept hosts = +auth_relay_hosts
accept hosts = +local_domains
endpass
message = STARTTLS required before AUTH
encrypted = *
accept
begin authenticators
login:
driver = plaintext
*...snip...*
######################################################
Thanks again for taking a look at this...
Amrahd
