[exim] Denying mail from the same domain

Góra strony
Delete this message
Reply to this message
Autor: Juan Canham
Data:  
Dla: exim-users
Temat: [exim] Denying mail from the same domain
I want to put a rule in my ACLs that will deny relaying from/to the same
domain. All the server does is relaying so all the allowed domains are in
dc_relay_domains. I think I want to put something like

Drop $sender_address_domain= $domain in the acl_smtp_connect ACLs

Is that the right rule and is that the right place to put it?

The exim server is a backup relay for multiple separate domains running MS
exchange, I don't want any real anti-spam on the server but currently it is
being used to backscatter the exchange servers. While mail could
legitimately be from one host to another, no internal emails will ever be
going though the server, so this rule will prevent plenty of SPAM but can't
possibly catch HAM. Is there a better way to do what I want? Am I right
thinking it will work?


Juan Canham



Tel:    0800 2922 230


Fax:    0207 265 0249


Email:  mailto:Juan@supporttree.co.uk
Web:    www.supporttree.co.uk


18A Ensign Street London
E1 8JD

This message contains confidential information and is intended only for exim-users@???. If you are not exim-users@??? you should not disseminate, distribute or copy this e-mail. Please notify Juan@??? immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. Juan Canham therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version.


-----------------------------------------------------------------------------------------------------------------------------------------
This email message has been delivered safely and archived online by Mimecast.
A true SaaS solution, Mimecast provides the security, continuity and archiving for millions of emails, across thousands of customers every day.
For more information please visit http://www.mimecast.co.uk 
-----------------------------------------------------------------------------------------------------------------------------------------From prvs?0723b849Xim-users-20081202@??? Sat Jul 10 09:34:50 2010
Envelope-to: exim-users@???
Received: from mail.rudolf.org.uk ([91.84.196.3]:43678)
    by tahini.csx.cam.ac.uk with esmtp (Exim 4.72)
    (envelope-from <prvs?0723b849Xim-users-20081202@???>)
    id 1OXVWI-0004Vh-44
    for exim-users@???; Sat, 10 Jul 2010 09:34:50 +0100
Received: from davide by mail.rudolf.org.uk with local
    id 1OXVWG-0004d8-R6-1d82a1999fcae6b63618ce9520cb131682636eb6
    for exim-users@???; Sat, 10 Jul 2010 08:34:44 +0000
Date: Sat, 10 Jul 2010 09:34:44 +0100
From: Dave Evans <exim-users-20081202@???>
To: exim-users@???
Message-ID: <20100710083444.GA17278@???>
Mail-Followup-To: exim-users@???
References: <000401cb1f8d$96ba6980$c42f3c80$@???>
MIME-Version: 1.0
Content-Type: multipart/signed; micalggp-sha1;
    protocol*pplication/pgp-signature"; boundaryt4sUOijqQbZv57TR"
Content-Disposition: inline
In-Reply-To: <000401cb1f8d$96ba6980$c42f3c80$@???>
OpenPGP: idNA79249; url?tp://djce.org.uk/pgpkey
User-Agent: Mutt/1.5.18 (2008-05-17)
X-Spam-Score: -0.2 (/)
X-Spam-Status: No, score?.2 required~0 tests?L.940, BAYES_00?.5,
    EXIM_ACL?.2, EXIM_EXP_VAR?,
    FROM_ENDS_IN_NUMSN53 autolearn?m version^1.8
Subject: Re: [exim] Denying mail from the same domain
X-BeenThere: exim-users@???
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: A user list for the exim MTA <exim-users.exim.org>
List-Unsubscribe: <http://lists.exim.org/mailman/listinfo/exim-users>,
    <mailto:exim-users-request@exim.org?subject?subscribe>
List-Archive: <http://lists.exim.org/lurker/list/exim-users.html>
List-Post: <mailto:exim-users@exim.org>
List-Help: <mailto:exim-users-request@exim.org?subject?lp>
List-Subscribe: <http://lists.exim.org/mailman/listinfo/exim-users>,
    <mailto:exim-users-request@exim.org?subject?bscribe>
X-List-Received-Date: Sat, 10 Jul 2010 08:34:50 -0000



--T4sUOijqQbZv57TR
Content-Type: text/plain; charset?-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Jul 09, 2010 at 06:38:48PM +0100, Juan Canham wrote:
> I want to put a rule in my ACLs that will deny relaying from/to the same
> domain. All the server does is relaying so all the allowed domains are in
> dc_relay_domains. I think I want to put something like
>
> Drop $sender_address_domain= $domain in the acl_smtp_connect ACLs
>
> Is that the right rule and is that the right place to put it?


If you want to compare the sender's address to the recipient's, then the ACL
will need to be at acl_smtp_rcpt time (or possibly later); something like

  deny
     condition = ${if eq{$domain}{$sender_address_domain}}
     message = I don't like the look of you


should work.

That said, in the *general case* this can definitely end up blocking legit
mail, so personally I wouldn't use it. Whether it would do so for your
*specific* case though, I can't say.

Other approaches may well be worth the extra effort (e.g.: have Exim as the
MX, with spam filtering, with the Exchange servers behind; or only activate
the dumb relay servers if the Exchange server goes down).

Having a lower-priority MX server which has spam filtering inferior to its
higher-priority counterparts tends to produce disappointing results.

--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey

--T4sUOijqQbZv57TR
Content-Type: application/pgp-signature; name?ignature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkw4MKIACgkQnYOJTU6nkkm7lACfSEQ/kECYKs0md10WXvCJ2OCH
MWgAnRCoW76mwD/lZoOhoxFx0TOl5TXv
?lG
-----END PGP SIGNATURE-----

--T4sUOijqQbZv57TR--