Hi,
I am trying to add spoof prevention acl at acl_smtp_datacustom [which
inturn calls acl_smtp_data]. But the problem is its rejecting incoming
mails as well at times. The acl I used was:
----------------------------------------------------------
acl_smtp_data = acl_smtp_data_custom
acl_smtp_data_custom:
# Deny Messages if their to/from is not hosted in the server (Spoof
prevention)
discard message = Message denied - From address spoofing attempt
detected via SMTP ( From address: $h_from )
! condition = ${if match{$h_from:}{$primary_hostname} {true}{false}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}lsearch{/etc/localdomains}{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}lsearch{/etc/remotedomains}{${sg{${extract{2}{@}{$h_from:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}lsearch{/etc/localdomains}{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{false}}}}
! condition = ${if eq{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{${lookup{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}lsearch{/etc/remotedomains}{${sg{${extract{2}{@}{$h_to:}}}{>|
.*}{}}}{false}}}}
warn
set acl_m_accepted = no
acl = acl_smtp_data
set acl_m_accepted = yes
accept
condition = ${acl_m_accepted}
# END acl_smtp_data_custom
----------------------------------------------------------
The logic is like,
If either from address domain part or to address domain part is in files
/etc/remotedomains or /etc/localdomains then allow to send mail.
I am not sure where I am wrong. I tried to use the same acl in
acl_smtp_predata, but $h_to, $h_from dosen't have values at the acl.
Is there any other way I can do it. Please assist.
--
Regards,
Soumya
