Re: [exim] Blacklisting users from sending out mails.

Hi Odhiambo,

Let me give you a brief context:

Its a cpanel server. I was using the above given conditions under
acl_smtp_data. I was trying to automate it by adding the content in the
file /etc/exim.conf.local [the data in file /etc/exim.conf.local is apended
to /etc/exim.conf, when /scripts/buildeximconf is run].

What I added was :

-----------
acl_smtp_datacustom:

# Deny Messages if they are not from local_domains (Spoof prevention)
discard message = Message denied - From address spoofing attempt detected
! condition = ${if match{$h_from:}{$primary_hostname} {true}{false}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}lsearch{/etc/localdomains}{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}lsearch{/etc/remotedomains}{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}lsearch{/etc/localdomains}{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}lsearch{/etc/remotedomains}{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{false}}}}


...
...

acl_smtp_data = acl_smtp_datacustom
-----------

The issue with this is, only the checks/conditions under
'acl_smtp_datacustom:' will be checked. The default 'acl_smtp_data:' has
many other important checks/conditions.

Another approach is to just append all the default checks/conditions to the
file /etc/exim.conf.local, which is around 100+ lines of code and is
difficult to manage.

I tried to add the above acl condition under 'acl_smtp_predata:', but it
didn't work as expected, because header lines added by MAIL or RCPT ACLs
are not visible at 'acl_smtp_predata:', but is visible at acl_smtp_data
level :(

Is there any other acl where I can add the above given condition and make
it work? And as the ACL approach was not working as my requirement, I
thought of adding it under router.

Also, as per my understanding the flow of acl calls is like:

acl_smtp_connect -> acl_smtp_mail -> acl_smtp_rcpt -> acl_smtp_predata ->
acl_smtp_data -> acl_smtp_quit

Is that correct? Please assist.

Thanks in advance.

--
Soumya