On Sat, Jul 13, 2024 at 01:02:41PM GMT, Grand Master via Exim-users wrote:
> goal is blocking spoofing or avoiding wildcard permissions in
> whitelist such as *@company.com
You probably want verify = sender in one of your ACLs, and a SPF check.
Exim has a native SPF condition for ACLs, but due to recent security
announcements (of dubious provenance and accuracy) some prefer to check
external software for this purpose, such as those based on the Perl
Mail::SPF module.
> in my option i'd like to check simultaneously on two walues:
> $sender_address and $acl_c_reverse_address
acl_c_reverse_address is a user variable, it has no meaning unless you
assign to it in another ACL.
It looks like you're referring to an existing configuration and hoping
to modify and improve it. Maybe you should share it with us here,
after appropriate sanitization.
--
Ian
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/