On 28/05/2023 03:04, AC via Exim-users wrote:
> I've seen ACLs checking sender_helo_name using isip{} but that doesn't seem to do anything for the case of a literal IP:
>
> H=([185.17.76.25])
>
> What's the proper way to check for the above condition and reject it?
There's no "One True Way".
Here's one possible:
deny condition = ${if isip{${sg{$sender_helo_name} {\N^[[](.*)]$\N} {$1}}}}
> what I was after was actually sender_host_name being empty which, from what I understand, is what H=([ip]) actually represents in the logs (if that's not the case hopefully someone can correct me).
No. Please ready the docs on $sender_host_name:
https://exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html
> Now, along the same lines, which ACL would handle the TLS connection phase (the portion of the connection where the error: "TLS error on connection from ... (gnutls_handshake): The TLS connection was non-properly terminated")?
That could be associated with several ACLs; they act on SMTP commands
received, but that error is a TLS-level thing (a layer down in the
protocol stack).
> I'd like to put a similar rule in to block connections from IP only sources.
You need to re-evaluate.
--
Cheers,
Jeremy
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
