Author: David Grant Date: To: Jasen Betts CC: exim-users Subject: Re: [exim] Denying spoofs of our domain in DATA without dropping
listserv traffic
On 6/14/13 4:26 AM, Jasen Betts wrote: > On 2013-06-13, David Grant <starchy@???> wrote:
>> Hi,
>>
>> I was testing the following in acl_check_data:
>>
>> accept hosts = +relay_from_hosts accept authenticated = * warn
>> set acl_m_from_address = ${lc:${address:$h_From:}} ... deny
>> condition = ${if match{$acl_m_from_address}{@???}{yes}{no}}
>>
>> This worked to prevent spam where the sender spoofed an eff.org
>> address only in DATA, but created a problem when users signed up
>> for mailing lists on remote servers. Their own messages to the
>> list would be dropped when emailed back to them (or any other
>> eff.org subscribers) because mailman was effectively spoofing our
>> domain.
>
> perhapd exempt list traffic from that deny?
>
> deny condition = ${if
> match{$acl_m_from_address}{@???}{yes}{no}} condition = ${if !eq
> {$h_Precedence:}{list}}
This worked with an additional check for "Precedence: bulk" since we
also don't want drop our own newsletter, which is mailed from a
third-party service.