[exim] trouble with a condition on a deny

Top Page
This message is part of the following thread:
M-+\the complete thread tree sorted by date
M\MM 
MM.MLena at ->
Delete this message
Reply to this message
Author: Chad Leigh
Date:  
To: exim-users
Subject: [exim] trouble with a condition on a deny

Hi All.

I am having an issue coming up with the correct syntax on a deny. I want to deny where the FROM: address is in the recipients list and the sender is NOT authenticated. (And I have similar rules that check the sender instead of from:. However, I want to exclude mailing list postings, for example, or all mail to a specific local domain. The idea is that all valid users of the system, for domains we host, should not be sending mail to themselves or others in their domains EXCEPT through our smtp servers. Things that legitimately place the FROM: address like a mail list posting, that is not originating with our servers, should be excepted. And there may be a hosted domain or two that we need to exclude. (The reason is that we still see lots of spam being sent where they put in the recipients email address as the FROM: address to try and "sneak" it past filters, and similar shenanigans. Not as much as a few years ago, but still a significant number a day. The example rules is but one of a bunch that trap on similar "sneakiness"

All these are in the ACL after the DATA (check_message: in my case, which was from the exim3 to exim4 auto convert process) (the error code is a bogus thing for them to digest :) )

The lines 

        deny    message = *************************** go away from impostor!  (error code XXFA)
        condition = ${if match_address{${address:$header_from:}}{$recipients}{yes}{no}}
        !authenticated = *


will block when the FROM and recipients match and it is not authenticated, and is what I am using, but it blocks the list sourced mail messages sent by our users to mailing lists when they come back through the list.

I have tried all of the following and various other tries similar and they don't work. They still block the mail from lists 

        deny    message = *************************** go away from impostor!  (error code XXFA)
       condition = ${if and { \
                       { match_address{${address:$header_from:}}{$recipients}} \
                       { !match{lc:$header_Precedence:}{"list"}} \
                            }{yes}{no}}
        !authenticated = *



and 

        deny    message = *************************** go away from impostor!  (error code XXFA)
        condition = ${if match_address{${address:$header_from:}}{$recipients}{yes}{no}}
        condition = ${if !match{lc:$header_Precedence:}{"list"}{yes}{no}}
        !authenticated = *


and 

        deny    message = *************************** go away from impostor!  (error code XXFA)
        condition = ${if match_address{${address:$header_from:}}{$recipients}{yes}{no}}
        !condition = ${if match{lc:$header_Precedence:}{"list"}{yes}{no}}
        !authenticated = *




Any guidance on properly specifying the condition would be appreciated.

Thanks
Chad


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Exim Queue and Slow sending speed[exim] ACL to scan From: header is not working->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)