Re: [exim] Filter spam by ACL from FAQ

Pàgina inicial
Delete this message
Reply to this message
Autor: Фадеев Виталий Львович
Data:  
A: exim-users
Assumpte: Re: [exim] Filter spam by ACL from FAQ
I forgot to comment that this ACL doesnt work in Exim 4.84


Tue, 02 Dec 2014 13:11:32 +0300 от Фадеев Виталий Львович <fvl@???>:
>Hi!
>Please, write proper ACL to FAQ:
>
>https://github.com/Exim/exim/wiki/AclHeloTricks
>
>HELO contain a IP part
>drop   message        = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
>       condition      = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
>       condition      = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}}{$sender_helo_name}{no}{yes}}
>       delay          = 45s

>
>HELO contain my domains, subdomains or my interface by dns lookup
>
>drop   message        = No you are not ME or OURS (HELO was $sender_helo_name and equal my interface hostname)
>       condition      = ${if !def:interface_address {no}{yes}}
>       condition      = ${if match_ip{$interface_address}{${lookup dnsdb{>: defer_never,a=$sender_helo_name}}}{yes}{no}}
>       delay          = 45s

>
>HELO not contain a full host (ex: host.domain.com)
>drop   message        = Invalid domain or IP given in HELO/EHLO (HELO was $sender_helo_name)
>       condition      = ${if match{$sender_helo_name}{.+\\\..+\\\..+}{no}{yes}}
>       !authenticated = *
>       !senders       = wildlsearch;/etc/exim4/lst/skp_helodot
>       !hosts         = +ignore_defer : +ignore_unknown : +relay_from_hosts : net-iplsearch;/etc/exim4/lst/skp_heloadsl
>       condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_lax,a=${lookup dnsdb{>: defer_lax,mxh=$sender_address_domain}}}}}{no}{yes}}
>       delay          = 45s
>https://github.com/Exim/exim/wiki/Verification

>
>Contain ADSL in reverse, checked or unchecked
>
>drop   message          = Helo is ADSL or DIAL (HELO was $sender_helo_name) and your ip $sender_host_address not is a MX/SPF of domain <$sender_address_domain>
>         !senders       = :
>         condition      = ${if match {$sender_helo_name}{\N\d+\.\d+\.\d+\.\d+|\d+-\d+-\d+-\d+|host|dsl|dial|broad|band|user|dhcp|pool|client|cable|pppoe|hsd|dyn|static|ppp|speedy|customer\N}{yes}{no}}
>         !hosts         = +ignore_defer : +ignore_unknown : net-iplsearch;/etc/exim4/lst/skp_heloadsl
>         condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_lax,a=${lookup dnsdb{>: defer_lax,mxh=$sender_address_domain}}}}}{no}{yes}}
>         !spf           = pass
>         delay          = 45s

>
>drop   message          = Reverse verified ($sender_host_name) is ADSL or DIAL, Helo $sender_helo_name not is $sender_host_address and your ip $sender_host_address not is a MX/SPF of domain <$sender_address_domain>
>         !senders       = :
>         condition      = ${if def:sender_host_name {true}{false}}
>         condition      = ${if match {$sender_host_name}{\N\d+\.\d+\.\d+\.\d+|\d+-\d+-\d+-\d+|host|dsl|dial|broad|band|user|dhcp|pool|client|cable|pppoe|hsd|dyn|static|ppp|speedy|customer\N}{yes}{no}}
>         !hosts         = +ignore_defer : +ignore_unknown : net-iplsearch;/etc/exim4/lst/skp_heloadsl
>         condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_lax,a=${lookup dnsdb{>: defer_lax,mxh=$sender_address_domain}}}}}{no}{yes}}
>         condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_never,a=$sender_helo_name}}}{no}{yes}}
>         !spf           = pass
>         delay          = 45s

>
>drop   message          = Reverse unchecked (${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}) is ADSL or DIAL, Helo $sender_helo_name not is $sender_host_address and your ip $sender_host_address not is a MX/SPF of domain <$sender_address_domain>
>         !senders       = :
>         condition      = ${if def:sender_host_name {false}{true}}
>         condition      = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}}{\N\d+\.\d+\.\d+\.\d+|\d+-\d+-\d+-\d+|host|dsl|dial|broad|band|user|dhcp|pool|client|cable|pppoe|hsd|dyn|static|ppp|speedy|customer\N}{yes}{no}}
>         !hosts         = +ignore_defer : +ignore_unknown : net-iplsearch;/etc/exim4/lst/skp_heloadsl
>         condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_lax,a=${lookup dnsdb{>: defer_lax,mxh=$sender_address_domain}}}}}{no}{yes}}
>         condition      = ${if match_ip{$sender_host_address}{${lookup dnsdb{>: defer_never,a=$sender_helo_name}}}{no}{yes}}
>         !spf           = pass
>         delay          = 45s

>
>https://github.com/Exim/exim/wiki/AclSmtpData
>
>Fake my message ID domain or subdomain
>
>drop   message        = No you are not ME or OURS (Message-ID was ${domain:$h_Message-ID:} and equal my interface hostname)
>       !hosts         = +relay_from_hosts : +relay_mx_hosts
>       condition      = ${if !def:interface_address {no}{yes}}
>       condition      = ${if !def:h_message-id: {no}{yes}}
>       condition      = ${if match_ip{$interface_address}{${lookup dnsdb{>: defer_never,a=${domain:$h_Message-ID:}}}}{yes}{no}}
>       delay          = 45s

>
>
>--
>## List details at https://lists.exim.org/mailman/listinfo/exim-users
>## Exim details at http://www.exim.org/
>## Please use the Wiki with this list - http://wiki.exim.org/