Re: [exim] Block connections based on HELO

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Scott Neader
Dátum:  
Címzett: Juan Bernhard
CC: exim-users
Tárgy: Re: [exim] Block connections based on HELO
>
> El 26/03/2015 a las 01:33 p.m., Scott Neader escibió:
> > If I want to block someone that sends HELO as "EXAMPLE" I can do the
> > following:
> >
> > acl_smtp_helo = acl_smtp_helo
> > ...
> > drop
> >    condition = ${if eq {$sender_helo_name}{EXAMPLE} {yes}{no}}
> >    log_message = HELO/EHLO - EXAMPLE blocked
> >    message = EXAMPLE HELO blocked
> > accept

> >
> > However, I need a little help with trying to block more than one HELO,
> for
> > example, if I want to block EXAMPLE and also FOO. A push in the right
> > direction would be appreciated!
> >
> > - Scott
> >
>
> On Thu, Mar 26, 2015 at 11:49 AM, Juan Bernhard <juan@???> wrote:
> You need some kind of lookup
> If you want to use a file, you can do something like:
> condition = ${lookup{$sender_helo_name} lsearch \
>                 {<blacklist_file>} {no} {yes}}

>
> And in the file you will have:
>
> EXAMPLE
> FOO
>
> (Please check the sintax in the manpage, it might be wrong)
>
> But, if you want to scale in the future (more than 500 blocked
> helo_name) you will need a database search. Check the exim documentation
> at chapter 9 and 11 to see the exact sintax.
>
> Saludos, Juan.



Thank you, Juan, for your help (and Jeremy, too!)

I tried this, but wound up blocking EVERY connection, so I have something
wrong:

/etc/heloblocks contains the following:
     yarde.com
     ylmf-pc


exim.conf contains the following:

drop
condition = ${lookup{$sender_helo_name}lsearch{/etc/heloblocks}{no}{yes}}
log_message = HELO/EHLO - HELO on custom heloblocks blocklist
message = HELO on custom blocklist
accept

But then everything is blocked:

2015-03-26 12:04:42 H=mail-pd0-f172.google.com [209.85.192.172]:33998
rejected EHLO or HELO mail-pd0-f172.google.com: HELO/EHLO - HELO on custom
heloblocks blocklist

I realize I am out of my league here... raising the white flag. :-)

- Scott