warn set acl_c_reverse_address = ${lookup
dnsdb{defer_lax,ptr=$sender_host_address}{$value}}
# known experiment
# warn
# domains = !+local_domains
# condition = ${if
match{${extract{1}{:}{${lookup{$sender_address}lsearch{/usr/local/etc/exim/db/known}}}}}{no}
{yes}{no}}
## condition = ${if
eq{${extract{2}{:}{${lookup{$acl_c_reverse_address}wildlsearch{/usr/local/etc/exim/db/known}}}}}{no}
{yes}{
# add_header = X-KNOWN: passed $sender_address
# logwrite = warning! known detected! $local_part $sender_address
($acl_c_reverse_address) $acl_m9
file /usr/local/etc/exim/db/known
...
*@company.com:\N^mail\-[a-z0-9]+\-[a-z0-9]+\.google\.com$\N
*@company2.com
:\N^[A-Z0-9]+\-[A-Z0-9]+\-obe\.outbound\.protection\.outlook\.com$\N
...
please note I am not looking for a solution to the problem, but only a way
to create a test condition
сб, 13 июл. 2024 г. в 18:31, Ian Z via Exim-users <exim-users@???
>:
> On Sat, Jul 13, 2024 at 01:02:41PM GMT, Grand Master via Exim-users wrote:
>
> > goal is blocking spoofing or avoiding wildcard permissions in
> > whitelist such as *@company.com
>
> You probably want verify = sender in one of your ACLs, and a SPF check.
> Exim has a native SPF condition for ACLs, but due to recent security
> announcements (of dubious provenance and accuracy) some prefer to check
> external software for this purpose, such as those based on the Perl
> Mail::SPF module.
>
> > in my option i'd like to check simultaneously on two walues:
> > $sender_address and $acl_c_reverse_address
>
> acl_c_reverse_address is a user variable, it has no meaning unless you
> assign to it in another ACL.
>
> It looks like you're referring to an existing configuration and hoping
> to modify and improve it. Maybe you should share it with us here,
> after appropriate sanitization.
>
> --
> Ian
>
> --
> ## subscription configuration (requires account):
> ##
> https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
> ## unsubscribe (doesn't require an account):
> ## exim-users-unsubscribe@???
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/