Gary Stainburn <gary.stainburn@???> (Di 31 Dez 2013 12:17:35 CET):
> Hi folks,
>
> I'm still looking at setting up rate limiting on my servers. The basic setup I
> put in before Christmas had made a great difference to the hammering my
> servers are getting but it is blocking some genuine emails too.
>
> Therefore I'm trying to set up an exclude list, including trusted servers.
> I've got the following code:
>
> warn
> # GPS added 2013-12-31
> # rate limit anything except: local LAN, hosts in /etc/exim/no_rate_limit
> hosts = !+internal_lan
> condition = ${if ${lookup{$sender_helo_name} \
> partial-lsearch{/etc/exim/no_rate_limit}} {no}{yes} }
> ratelimit = 100 / 5m / strict
> log_message = RATE UPDATE: $sender_rate/$sender_rate_period \
> (max $sender_rate_limit)
>
> However, I then get the following error.
>
> 2013-12-31 11:08:06 H=mta20134.pur3.net [94.236.20.134] temporarily rejected
> MAIL <agent@???>: failed to expand ACL string "${if
> ${lookup{$sender_helo_name} partial-lsearch{/etc/exim/no_rate_limit}} {no}
> {yes} }": condition name expected, but found "${lookup{$sender"
The "${if" expects a condition, something like "eq", "or", "match", …
Your line could be rewritten as:
condition = ${lookup{$sender_helo_name}\
partial-lsearch{/etc/exim/no_rate_limit}\
{no}{yes}}
If the lookup succeeds, return "no", otherwise return "yes".
The ${if isn't necessary.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
(gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
