On 23/06/2019 18:51, Calum Mackay via Exim-users wrote:
> by any chance, please, would anyone happen to have an acl_smtp_rcpt
> example that catches these particular exploit attempts — so my queue
> doesn't fill up with these frozen msgs — /but/ still allows me to have
> "user+suffix@domain" which I enable via local_part_suffix on a redirect
> router?
deny local_parts = \N ^.*$ : ^.*\\x24 : ^.*\\0?44 \N
message = no mate
Thie is perhaps over-broad - a dollar sign in a local-part
is strictly legitimate per the standards. However, it's
not something most strictly-Ascii sites would be wanting to
use, I suspect.
--
Cheers,
Jeremy
