Hello,
I have the following line in my local_sender_blacklist file, which is
included as a blacklisted address list:
^.*@s\\d+\\..+\\.ru
(The reason is that a huge amount of spam comes from addresses
following that pattern and not all of the sending IPs are included in
RBLs. I've tried all sorts of variants and I'm fairly certain the
fault is not in my regex syntax.)
This is the only regex I have there, other lines are simple address patterns.
This does not match anything. Other lines in the blocklist work, this
does not. For example this spam got through:
2023-11-12 19:48:04 1r2EZ2-001Ocx-6S <= info@???
H=(s7.alextro.ru) [94.139.242.37] P=esmtp S=20273
id=829c43219fe28a9d5849a83f24063c0e@???
According to the Exim documentation, regexes should work in address
lists. The file is included in acl_check_rcpt:
deny
message = sender envelope address $sender_address is locally
blacklisted here. If you think this is wrong, get in touch with
postmaster
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_blacklist}\
{CONFDIR/local_sender_blacklist}\
{}}
Is there something I'm missing here? Should the backslashes in
included files be doubly escaped or something?
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/