Re: [exim] EBL: blacklist for email addresses in Reply-To an…

Top Page
Delete this message
Reply to this message
Author: Richard James Salts
Date:  
To: exim-users
Subject: Re: [exim] EBL: blacklist for email addresses in Reply-To and message bodies
On 29/06/17 21:59, Lena--- via Exim-users wrote:
>> The Reply-To: header takes an address-list and is interpreted as such,
>> and IIRC used in that way by some mail-clients when subscribed to
>> mailing-lists but wanting personal copies of replies too. So the `rt:`
>> ACL is going to calculate something which will emit bogus queries to an
>> external service.
> I tested with `exim -be`. If Reply-To contains more than one address
> then ${address expands into empty string, the ${if def
> causes the code to not query anything:
>
> rt:
>    warn    set acl_m_rt = ${sg{${lc:${address:$header_Reply-To:}}}{\\+.*@}{@}}
>     condition = ${if match{$acl_m_rt}{@???}}
>     set acl_m_rt = ${sg{${local_part:$acl_m_rt}}{\\.}{}}@gmail.com

>
>    deny    condition = ${if def:acl_m_rt}
>     condition = ${lookup{${domain:$acl_m_rt}}nwildlsearch\
>                       {MLDOMAINS}{0}{1}}
>     dnslists = ebl.msbl.org/${sha1:$acl_m_rt}
>     log_message = Reply-To: $header_Reply-To: in EBL: $dnslist_text \
>         From: $header_From:, envelope-from $sender_address, \
>         recipients=$recipients, Subject: $header_Subject:
>     message = spam detected
>           # 419 (Nigerian) scams often sent by humans, do not tell them
>           # that the spam was detected with EBL http://msbl.org

>
>    accept

>
>

Wouldn't you want to check all the addresses, do something like
${map{${addresses:$h_reply-to:}}...?