SW & Work SaS wrote:
> Hello
>
> Thanks to your help I've done some step with the rules I'd like to setup
>
> in this case I would like to deny messages coming from certain users or
> certain domains
> but, as the users/domains can change a little, just keeping a base I would
> like to see if there's a match with part of the string
>
> I came to this
>
>
> deny
> condition =
> ${lookup{$sender_address}wildlsearch{/etc/myaclsenderdeny}{yes}{no}}
> message = TO $header_to is unwelcome_01 - SUBJECT: $header_subject
>
>
> myaclsenderdny is a text file that contains the strings to look for in the
> $sender_address that, if I've understood, is the same as $header_from (from
> field)
No - not necessarily.
If you want to match on $header_from:, you will need to so specify.
Keep in mind that not all information is available 'early'.
> the strings are contained one per row
> for example
>
> ...
> sample
> mytest
> firstpart@
> @second
> bottom.com
> ...
>
File format will be 'perceived' differently by different lookup types.
I use MANY lookup types against ONE file, with a format of this sort:
wbh@??? # to block a specific address
*conducive.org # to block an entire domain.tld
*tv # to block an entire .tld
The first has no wildcards, obviously.
For the others, note the PRESENCE of a '*' wildcard and the ABSENCE of a
',' dot, and makes sure that does what you actually want for YOUR use,
as we are not doing quite the same thing with this file.
> if I understood well wildlsearch does the search and it is not case
> sensitive to lowercase or uppercase will match the same
> if the one of the strings contained into the file matches part of
> $sender_address thre should be the deny.
>
If you want to search WITHIN a string, a different method may be more
controllable:
Ex:
# DATA_SCAN_01A1: IF message is from known spam-engine THEN deny
#
deny
regex = ^Received:: .*PowerMTA
Note here that there is specialized notation that tells the regex what
to look AT (the ^Received::) and where to initiate and cease looking for
a match - in this case - after ANY leading characters.
If you are looking for prefixes, something else is wanted.
> Well, I say "should" because here come my email and help request
> I've tried to put the three lines under acl_smtp_rcpt and acl_smtp_data but
> no luck, the email is sent anyway.
>
> Surely I'm doing something wrong,
> hope someone can help
>
> TIA
> Flaviano
>
>
Problem is primarily the expectation that $sender_address == $header_to
Add, whre you are testing:
logwrite = $sender_address $header-to
...and you'll see what Exim sees at that point in time.
Bill
--
韓家標
