>
> El 26/03/2015 a las 01:33 p.m., Scott Neader escibió:
> > If I want to block someone that sends HELO as "EXAMPLE" I can do the
> > following:
> >
> > acl_smtp_helo = acl_smtp_helo
> > ...
> > drop
> > condition = ${if eq {$sender_helo_name}{EXAMPLE} {yes}{no}}
> > log_message = HELO/EHLO - EXAMPLE blocked
> > message = EXAMPLE HELO blocked
> > accept
> >
> > However, I need a little help with trying to block more than one HELO,
> for
> > example, if I want to block EXAMPLE and also FOO. A push in the right
> > direction would be appreciated!
> >
> > - Scott
> >
>
> On Thu, Mar 26, 2015 at 11:49 AM, Juan Bernhard <juan@???> wrote:
> You need some kind of lookup
> If you want to use a file, you can do something like:
> condition = ${lookup{$sender_helo_name} lsearch \
> {<blacklist_file>} {no} {yes}}
>
> And in the file you will have:
>
> EXAMPLE
> FOO
>
> (Please check the sintax in the manpage, it might be wrong)
>
> But, if you want to scale in the future (more than 500 blocked
> helo_name) you will need a database search. Check the exim documentation
> at chapter 9 and 11 to see the exact sintax.
>
> Saludos, Juan.
Thank you, Juan, for your help (and Jeremy, too!)
I tried this, but wound up blocking EVERY connection, so I have something
wrong:
/etc/heloblocks contains the following:
yarde.com
ylmf-pc
exim.conf contains the following:
drop
condition = ${lookup{$sender_helo_name}lsearch{/etc/heloblocks}{no}{yes}}
log_message = HELO/EHLO - HELO on custom heloblocks blocklist
message = HELO on custom blocklist
accept
But then everything is blocked:
2015-03-26 12:04:42 H=mail-pd0-f172.google.com [209.85.192.172]:33998
rejected EHLO or HELO mail-pd0-f172.google.com: HELO/EHLO - HELO on custom
heloblocks blocklist
I realize I am out of my league here... raising the white flag. :-)
- Scott