On Tue, Jan 26, 2010 at 09:39:33AM +0000, Mike Cardwell wrote:
> > The only means by which I think I can restrict traffic so that it *truly*
> > comes from within the hotel's IP address, is to make it so that the emails
> > must have *only one* 'Received: from' header.
> >
> > If the email was truly from just within the hotel's network, it would only
> > have the header below (i.e. only one 'Received: from' header)
> >
> > Any way to do this?
>
> I think you should be able to put this in your acl_smtp_data acl:
>
> deny condition = ${if !eq{$h_Received:}{}}
> message = Received headers not allowed
>
> MUAs shouldn't be adding their own received headers before submitting
> messages to your server.
Messages can legitimately have more than one "Received" header (though
admittedly one is by far the most common case). You may end up blocking some
legit mail by mistake.
Also, isn't Exim's own "Received" header added before the acl_smtp_data is
run? In which case that above ACL would block *all* mail? I would have
thought you'd want something like (totally untested):
condition = ${if match{$h_Received:}{\\n}}
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey