> -----Original Message----- > From: Phil Pennock [mailto:[EMAIL PROTECTED] > Sent: Saturday, December 15, 2007 4:35 PM > To: Craig Jackson > Cc: [email protected] > Subject: Re: [exim] Regex or sg how > > On 2007-12-14 at 11:30 -0600, Craig Jackson wrote: > > It wasn't permissions. It was a leading spaces issue that I > couldn't > > see in the log, but which closer scrutiny of binlog > revealed. For some > > reason Exim was passing data with leading spaces. Mysql trim() > > fuunction fixed it. Whew. > > Following up because this indicates a conceptual problem in > your Exim config. > > The extra whitespace was actually in what you posted to the > list but I figured there was some kind of cut&paste error or > mail-client snafu, especially since later in the same line > there's an extra line-break which couldn't have been in the > original config. > > You wrote: > ----------------------------8< cut here > >8------------------------------ > MACRO: > CAPTURE_EHLO = CALL ehlo \ > ('${quote_mysql: ${lc:$sender_helo_name}}','${quote_mysql: > ${lc:$sender_address_domain}}') > ----------------------------8< cut here > >8------------------------------ > > You do indeed have an extra space in what you're asking to be > quoted; everything between the colon (':') character and the > closing brace ('}'). > > ${quote_whatever:xyz} quotes xyz in its entirety, including spaces. > This is deliberate, since xyz might be the result of a > lookup, or part of an email address. Note that > <""@example.org> is syntactically valid, as is <" > "@example.org>, <" foo "@example.org> (which is not the same > as <[EMAIL PROTECTED]>), etc. So someone speaking SMTP to you > can be supplying some quite unexpected data, which is why > it's important to always quote correctly. > > Remove those spaces and you won't need the trim. > > -Phil
Thanks, Phil, for your patience with my crazy mystery problems. Your suggestion worked. I wanted to let you know that the system I set up using this stored procedure also works very well at identifying spam. If the domain.tld we have in the database for our whitelisted domains doesn't match in the EHLO given by an email, then that email is flagged for spam -- basic forge detection. Since so many domains are hosted, it is very hard for spammers to know what the EHLO domain.tld should be. 90% of spammers don't bother tailoring the EHLO to the envelope domain. Any other suggestions welcome. Craig -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
