Re: [exim] Blacklist a domain from sending mail

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Heiko Schlittermann
Date:  
À: exim-users
Sujet: Re: [exim] Blacklist a domain from sending mail
Hi,

soumya tr <soumya.324@???> (Di 12 Mär 2013 08:50:34 CET):
> > Do you want to block mails *coming from* some domain?
> > Or do you want to block mails *going to* some domain?
> >
> > The domain in question is hosted on *your* Exim host, or is hosted
> > somewhere else?
> >
> >
> The domain is hosted in my server [eg: abc.com]. And I want to block mails
> coming from [*@abc.com], that is originating from the server itself. Hope
> you understood what I meant.


Ok, understood.


In case the messages are originated from your own host, they can be
"injected" via a local protocal (using sendmail) or via TCP. Both ways
can be blocked with ACL rules.

First we need to setup an acl for non-SMTP messages

…
acl_smtp_rcpt = acl_check_rcpt      
acl_not_smtp  = acl_local           
…



Now we create a "sub acl" to be reused later

    # this returns true(!) if the sender domain is on the black list
    is_blacklisted:
        accept  message = blacklisted for local reasons
                sender_domains = …



And then reuse this in several places:

    acl_local:


        deny    acl = is_blacklisted
        accept


    acl_check_rcpt:


        deny    acl = is_blacklisted
        …



But of course you should think about some rules to allow messages *from*
the bad domain to your postmaster! They need a chance to complain! :)

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
 gnupg fingerprint: 9288 F17D BBF9 9625 5ABC  285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B)-