Thanks for the tips, I will change the acls and test them.

Regards,
Marlon

On Tue 11 Jul 2006 22:32, W B Hacker wrote:
> sysadmin wrote:
> > Hi,
> >
> > I try to follow your recommendation, and setup some acls from
> > http://www.tldp.org/HOWTO/text/Spam-Filtering-for-MX
>
> The configuration cited incorporates a number of novel concepts that require
> very consistent integration and may not all be appropriate in your
> environment.
>
> Take these, or any other 'borrowed' configuration settings as examples, not
> gospel, until you have tested them, gained a better understanding of what
> the interactions are, and modified them to work appropriately with other
> parts of your configuration.
>
> > With new acls, I can't receive mail from external hosts:
> >
> > Jul 11 20:16:36 scadufax exim[21272]: 2006-07-11 20:16:36 SMTP connection
> > from [200.195.199.2]:56212 I=[10.0.0.151]:25 (TCP/IP connection count =
> > 1)
> > Jul 11 20:16:37 scadufax exim[21916]: 2006-07-11 20:16:37
> > H=ns2.onda.com.br (maresia.onda.com.br) [200.195.199.2]:56212
> > I=[10.0.0.151]:25 Warning: remote host presented unverifiable HELO/EHLO
> > greeting.
> > Jul 11 20:16:58 scadufax exim[21947]: 2006-07-11 20:16:58
> > cwd=/var/spool/mqueue 2 args: /usr/sbin/exim -q
> > Jul 11 20:16:58 scadufax exim[21947]: 2006-07-11 20:16:58 Start queue
> > run: pid=21947
> > Jul 11 20:16:58 scadufax exim[21947]: 2006-07-11 20:16:58 End queue run:
> > pid=21947
> > Jul 11 20:17:17 scadufax exim[21916]: 2006-07-11 20:17:17
> > H=ns2.onda.com.br (maresia.onda.com.br) [200.195.199.2]:56212
> > I=[10.0.0.151]:25
> > F=<[EMAIL PROTECTED]> rejected RCPT <[EMAIL PROTECTED]>
>
> Find that 'deny' verb and change it to a warn temporarily.
>
> What helps for finding and editing these fast is to add:
>
> - an acl ID or number to the comments of each acl set
>
> BOTH
>
> - a logwrite = <acl ID> <action>
>
> - a log_message = <acl ID> <whatever else you need>
>
> This will give you a lot more log entries than you will want to keep active
> once in production, but will make it much easier to ID:
>
> - which acl is being traversed (at all), because a 'logwrite' can be
> unconditional.
>
> - if it has 'activated', because a log_message can be conditional.
>
> (pay attention to the order in which they are placed within the acl!)
>
> When you edit, you can rapidly search on the commented ID you have
> assigned: (CONNECT_3, RECPT_4, DATA_2) to jump directly to the specific acl
> code you wish to examine/modify.
>
> *snip*
>
> Example:
>
> # RECPT_N added for unique identification
>
> > # Deny if we have previously given a reason for doing so in $acl_m0.
> > # Also stall the sender for another 20s first.
> > #
> > deny
>
>     logwrite = RECPT_N deny on prior flag
>
> >   message = $acl_m0
> >   log_message = RECPT_N $acl_m1
> >   condition = ${if and {{def:acl_m0}{def:acl_m1}} {true}}
> >   delay = 20s
>
> *snip*
>
> FWIW, HELO/EHLO very often do not have an exact match to anything in a DNS,
> and the gadzillions of domains using NetSol mail hosting *never* will - so
> a 'hard' deny is not a good idea on that basis alone.
>
> A delay (only) of 60 seconds or so, however, will cause many such that are
> zombies to abandon the connection. 20s seldom works as well as 30s or more.
>
> HTH,
>
> Bill

--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
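
A log tally for the ACL ID scheme described in the quoted reply, added here as an example and not part of the original thread: per ID, it counts how often the unconditional logwrite fired versus the conditional log_message. The sample lines, the host name "mx1" and the function names are constructed, and it assumes log_message text follows Exim's own "rejected ...:" or "Warning:" prefix while logwrite text stands alone after the timestamp.

```python
import re
from collections import defaultdict

# IDs follow the naming used in the thread: CONNECT_3, RECPT_4, DATA_2.
ACL_ID = re.compile(r"\b((?:CONNECT|RECPT|DATA)_\d+)\b")
# Assumption: log_message text is appended to Exim's own "rejected ...:" or
# "Warning:" prefix, while logwrite text stands alone after the timestamp.
ACTIVATED = re.compile(r"(?:rejected \w+ .*?:|Warning:)\s*$")

def tally(lines):
    """Count, per ACL ID, unconditional logwrite hits and log_message hits."""
    counts = defaultdict(lambda: {"traversed": 0, "activated": 0})
    for line in lines:
        m = ACL_ID.search(line)
        if not m:
            continue  # ordinary Exim line that carries none of our IDs
        prefix = line[:m.start()]
        kind = "activated" if ACTIVATED.search(prefix) else "traversed"
        counts[m.group(1)][kind] += 1
    return dict(counts)

def never_logged(expected_ids, counts):
    """IDs assigned in the config comments that never appear in the log."""
    return [i for i in expected_ids if i not in counts]

# Constructed sample log (documentation addresses, hypothetical host "mx1").
SAMPLE = [
    "Jul 11 20:16:36 mx1 exim[100]: 2006-07-11 20:16:36 CONNECT_3 traversed",
    "Jul 11 20:16:37 mx1 exim[100]: 2006-07-11 20:16:37 H=(client.example) "
    "[192.0.2.10]:56212 I=[192.0.2.1]:25 Warning: CONNECT_3 unverifiable HELO",
    "Jul 11 20:16:40 mx1 exim[100]: 2006-07-11 20:16:40 RECPT_4 deny on prior flag",
    "Jul 11 20:17:17 mx1 exim[100]: 2006-07-11 20:17:17 H=(client.example) "
    "[192.0.2.10]:56212 F=<a@example.org> rejected RCPT <b@example.net>: "
    "RECPT_4 prior flag set",
    "Jul 11 20:18:02 mx1 exim[101]: 2006-07-11 20:18:02 RECPT_4 deny on prior flag",
    "Jul 11 20:18:05 mx1 exim[101]: 2006-07-11 20:18:05 Start queue run: pid=101",
]

if __name__ == "__main__":
    result = tally(SAMPLE)
    for acl_id, c in sorted(result.items()):
        print(f"{acl_id}: traversed={c['traversed']} activated={c['activated']}")
    print("never logged:", never_logged(["CONNECT_3", "RECPT_4", "DATA_2"], result))
```

An ID that is traversed but never activated, or never logged at all, shows which ACL an earlier deny is cutting off before it is reached.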
