Hill Ruyter wrote: > Bill > > Thanks again > > If you would not consider it an IPR issue I would be very interested to see > a copy of your ACLs for reference purposes. > To see a working config against which I can reference the available > documentation may help me understand it a little better. > > Thanks again for you input > > Regards > Hill
Not an IPR issue in my case. A 'humanitarian' one. ;-) Overly complex, SQL-driven, and suited only to our needs. Even our Exim binary is from modified source code. Better to go at your own pace with the basics. You'll get there soon enough - and you will 'own' the knowledge, so you can admin the results easily. Bill > > >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] >> On Behalf Of W B Hacker >> Sent: 05 June 2009 18:04 >> To: exim users >> Subject: Re: [exim] matching envelope from and from >> >> Hill Ruyter wrote: >>> Hi >>> I realise what has been said for mailing lists >>> >>> Which is why I only want to filter those mails where >>> The two are different AND the from is equal to ME. >>> >>> I can be quite sure I will not send any email to myself with a >> different >>> envelope-from address >>> >>> Is this possible without frigging mails from lists ? >>> >> Yes - but what you need is to do is catch it in a different snare. >> >> If you are passing what you posted: >> >> "Received: from [74.72.203.118] (helo=cpe-74-72-200- >> 118.nyc.res.rr.com)" >> >> ...you are not making full use of all the tests available: >> >> While >> >> 'host 74.72.203.118' >> >> and >> >> 'host cpe-74-72-200-118.nyc.res.rr.com' >> >> *appear* to forward/reverse return each other, Exim's logic *also* >> tries to >> verify (in order) that one of the returns is a valid SRV, MX, or at >> least an A >> record. >> >> All of which fail for the above example in particular, and *.res.rr.com >> in >> general [1]: >> >> 2009-06-05 08:25:43 [44471] H=cpe-76-189-146-130.neo.res.rr.com >> [76.189.146.130]:4738 I=[203.194.153.81]:25 rejected connection in >> "connect" >> ACL: C3A no valid PTR RR for 76.189.146.130 cpe-76-189-146- >> 130.neo.res.rr.com >> >> 2009-06-05 09:15:56 [44918] H=[75.87.252.7]:3980 I=[203.194.153.81]:25 >> rejected >> connection in "connect" ACL: C3B: host lookup failed (75.87.252.7 does >> not match >> any IP address for cpe-75-87-252-7.natnow.res.rr.com) >> >> NB: Exim err msg log entry is slightly obtuse. 'No valid' and 'does not >> match' >> might more accurately state '.. not valid for smtp use'. See >> ~/src/host.c >> >> As the "Road Runner" ISP does not operate its own shared-use mail >> servers from >> within the 'residential' DHCP pool anyway, other options include: >> >> - deny if attaching IP is in a 'dynamic IP RBL' >> >> 2009-06-04 16:00:14 [37021] H=117.157.100.97.cfl.res.rr.com >> [97.100.157.117]:4069 I=[203.194.153.81]:25 rejected connection in >> "connect" >> ACL: C7 97.100.157.117 blacklisted in dul.dnsbl.sorbs.net >> >> >> - deny on '*.res.rr.com' >> >> .. at or after any point $sender_hostname AND/OR $sender_helo_name have >> become >> available. >> >> 2009-05-05 16:16:17 [45270] H=cpe-67-249-217-77.twcny.res.rr.com >> [67.249.217.77]:2183 I=[203.194.153.81]:25 rejected connection in >> "connect" ACL: >> C9 cpe-67-249-217-77.twcny.res.rr.com Locally blacklisted. >> >> ('C9' is my ninth acl clause in acl_smtp_connect). >> >> Notes: >> >> C3A and C3B do most of the work. C7, an RBL call, and C9, an 'lsearch' >> of a >> local regular-expression blacklist, are very seldom reached. >> >> CAVEAT: Draconian! >> >> IF you use anything of this sort, first test effects on *your* >> environment with >> a 'warn' before converting to a 'deny'. >> >> Also effective. >> >> conducive# grep -c res.rr.com /var/log/exim/rejectlog >> 457 >> >> And *zero* complaints from user base of lost 'genuine' traffic from >> Road Runner. >> >> HTH, >> >> Bill >> >> >>>> -----Original Message----- >>>> From: [email protected] [mailto:exim-users- >> [email protected]] >>>> On Behalf Of Graeme Fowler >>>> Sent: 05 June 2009 16:17 >>>> To: [email protected] >>>> Subject: Re: [exim] matching envelope from and from >>>> >>>> On Fri, 2009-06-05 at 15:56 +0100, Hill Ruyter wrote: >>>>> I basically want to say >>>>> if envelope-from is not equal to from and from is equal to me then >>>> drop >>>> >>>> You'll stop receiving mailing list messages, then... look at the >> Exim >>>> list mails: >>>> >>>> Return-path: <[email protected]> >>>> From: "Hill Ruyter" <[email protected]> >>>> >>>> [the Return-Path is composed from the MAIL FROM, ie. the envelope >>>> sender] >>>> >>>> You may be surprised just how much mail comes in with different >>>> envelope >>>> sender and From: addresses. Especially if you subscribe to many >> lists. >>>> Graeme >>>> >>>> >>>> -- >>>> ## List details at http://lists.exim.org/mailman/listinfo/exim-users >>>> ## Exim details at http://www.exim.org/ >>>> ## Please use the Wiki with this list - http://wiki.exim.org/ >>> >> >> -- >> ## List details at http://lists.exim.org/mailman/listinfo/exim-users >> ## Exim details at http://www.exim.org/ >> ## Please use the Wiki with this list - http://wiki.exim.org/ > > -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
