RE: [exim] anti-spoof acl rules

Wed, 20 Jul 2005 07:30:30 -0700 


> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Behalf Of Troy Settle
> Sent: Wednesday, July 20, 2005 9:09 AM
> To: [EMAIL PROTECTED]
> Cc: [email protected]
> Subject: Re: [exim] anti-spoof acl rules
>
>
>
>
> Peter Bowyer wrote:
> > On 20/07/05, Troy Settle <[EMAIL PROTECTED]> wrote:
> >
> >>After long last, I'm finally fed up with the spoofed emails from
> >>addresses such as:
> >>
> >>  admin@
> >>  support@
> >>  info@
> >>  staff@
> >>
> >>I successfully blocked these by adding the following to my configure:
> >>
> >>  deny  senders = [EMAIL PROTECTED]:[EMAIL PROTECTED]
> >>        message = Spoofers not welcome here!
> >>
> >>However, I need a rule that will wildcard in all local domains, but also
> >>allow for a whitelist:
> >>
> >>  allow senders = [EMAIL PROTECTED]
> >>  deny  senders = admin
> >>        domains = +local_domains
> >>        message = Spoofers not welcome here!
> >>
> >>But, with this, Exim refuses to run.
> >
> >
> > Oooh good, my favourite rant :-)
> >
> > What form does this 'refusal to run' take?
> >
> > If you go looking in the Exim logs, there's a very good chance you'll
> > find a clue as to what you've done wrong. Even if it doesn't help you,
> > posting the log messages here will almost certainly help us to help
> > you.
> >
> > (This is meant to be constructive, even if it doesn't seem like it)
> >
> > Peter
>
>
> Here's the error:
>
> error in ACL: unknown ACL condition/modifier in "allow senders
>           = [EMAIL PROTECTED]"
>
> DUH!!  accept maybe?  Let's ignore this part for now though, first I
> want to figure out how to block these role accounts:
>
>    deny senders = admin
>         domains = +local_domains
>
> It didn't block anything, so I tried this as well:
>
>    deny senders = [EMAIL PROTECTED]
>         domains = +local_domains
>
> It blocked external domains as well as locals.
>

the domains = +local_domains relates to recipient domains not the sender
domain

if the domain part of admin local is different than the domain part of admin
external then deny senders = [EMAIL PROTECTED]
.
now if you are trying to use the sender domain in a list then you should use
sender_domains =

so
        deny senders = [EMAIL PROTECTED]
        sender_domains = +local_domains

might??? do what you want, if I understand your question.

Rick


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/

Reply via email to