Hi
I have a fairly complex exim acl arrangement that will black/grey/white
list incoming emails, but also allows the checking to be sidestepped
when a specific 'long' receiver-name is used by the sender, eg
timxyz28965 (which is aliased to my real name - as per his email!).
This has been working very well, but I noticed the other day that
someone to whom I had provided the special address must have had their
'outlook' address list harvested, as I received an email to the
special-name purporting to come from someone in Russia claiming to have
met me and enclosing an attachment (the email actually came via
aliceposta.it).
I am thinking of dealing with this potential ongoing issue by adding to
my acl something like this:

    accept local_parts = ^timxyz28\\d{3}
           set acl_m7 = ${readsocket{/tmp/mail_check} \
                        {$sender_address%}{5s}{}{X}}
           condition = ${if eq {$acl_m7}{Y}{true}{false}}

On the basis that:
1) readsocket will only run if local_parts true
2) the condition is checked only if local_parts is true
3) accept will only happen if the condition is true
The mechanism behind it (/tmp/mail_check) consults an external COBOL
database that contains a list of unacceptable users and domains and
returns N if not to be accepted (found), or Y if not found in the
database.
I think the order of the subsidiary statements is correct, but my
knowledge of how exim deals with acl statements is somewhat empirical.
I wonder if the following compound condition would work?:

    accept local_parts = ^timxyz28\\d{3}
           condition = ${if eq {${readsocket{/tmp/mail_check}\
                       {$sender_address%}{5s}{}{X}}}{Y}{true}{false}}

Any comments/suggestions welcome
thanks
Tim Clarke
ps: no spell-checking on this so forgive my rubbish typing
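
An added example, not part of the original post: a small Python responder for the readsocket exchange described above, where the request is the sender address terminated by `%` and the reply is `Y` or `N`. The blocklist entries, the socket path argument, the parent-domain matching and the choice to answer `N` for malformed requests are assumptions; the post's own backend is a COBOL database.

```python
import os
import socketserver
import sys

# Constructed sample data standing in for the external database in the post.
BLOCKED_ADDRESSES = {"spammer@example.net"}
BLOCKED_DOMAINS = {"bad.example"}

def verdict(request: bytes) -> bytes:
    """Return b"Y" if the sender is not listed, b"N" if listed or malformed."""
    text = request.decode("ascii", errors="replace").strip()
    if not text.endswith("%"):
        return b"N"  # terminator missing: treat a truncated request as listed
    addr = text[:-1].lower()
    local, at, domain = addr.rpartition("@")
    if not (local and at and domain):
        return b"N"  # assumption: empty or malformed senders get no bypass
    if addr in BLOCKED_ADDRESSES:
        return b"N"
    # Check the domain and each parent (mail.bad.example matches bad.example).
    labels = domain.split(".")
    if any(".".join(labels[i:]) in BLOCKED_DOMAINS for i in range(len(labels))):
        return b"N"
    return b"Y"

class Handler(socketserver.StreamRequestHandler):
    timeout = 5  # same limit as the 5s in the readsocket call
    def handle(self):
        buf = b""
        try:
            # Read until the '%' terminator, EOF, or a size cap.
            while b"%" not in buf and len(buf) < 512:
                chunk = self.request.recv(512)
                if not chunk:
                    break
                buf += chunk
            self.wfile.write(verdict(buf))  # closing the socket ends the reply
        except OSError:
            pass  # no reply is sent, so the ACL's comparison with Y fails

def serve(path: str) -> socketserver.UnixStreamServer:
    # 'path' is a hypothetical socket location supplied by the caller.
    if os.path.exists(path):
        os.unlink(path)
    server = socketserver.UnixStreamServer(path, Handler)
    os.chmod(path, 0o660)  # assumption: the Exim user shares the socket's group
    return server

if __name__ == "__main__":
    serve(sys.argv[1]).serve_forever()
```

Because the ACL verb is accept, an `N` (or no reply) only withholds the bypass, and the message then falls through to the remaining ACL checks.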