Am 01.08.2010 um 13:06 schrieb Axel Rau: > I have this acl, to refuse local senders, not coming from local > outgoing relays: > ---------- > deny message = "We don't like spoofed sender addresses" > log_message = $sender_host_name [$sender_host_address] attempts to > spoof local sender > sender_domains = +local_domains > hosts = !+own_outgoing_relay_hosts > delay = 3m > > accept > ---------- I have now traced an example where the ACL condition "sender_domains" does not test the domain part of the sender address but the domain part/fqdn of the sending relay (client), "localhost" in the following example: -------------------------- 72219 HELO verification failed but host is in helo_try_verify_hosts 72219 SMTP>> 250 mx4.lrau.net Hello localhost [222.252.137.104] 72219 SMTP<< MAIL FROM: <[email protected]> 72219 spool directory space = 581621868K inodes = 122205500 check_space = 102400K inodes = 0 msg_size = 0 72219 using ACL "acl_check_mail" 72219 processing "warn" 72219 check logwrite = DM: $sender_address_domain 72219 = DM: chaos1.de 72219 LOG: MAIN 72219 DM: chaos1.de 72219 warn: condition test succeeded 72219 processing "deny" 72219 check sender_domains = +local_domains 72219 search_open: pgsql "NULL" 72219 search_find: file="NULL" 72219 key="SELECT name FROM localdomain WHERE name ='localhost' " partial=-1 affix=NULL starflags=0 72219 LRU list: 72219 internal_search_find: file="NULL" 72219 type=pgsql key="SELECT name FROM localdomain WHERE name ='localhost' " 72219 database lookup required for SELECT name FROM localdomain WHERE name ='localhost' 72219 PostgreSQL query: SELECT name FROM localdomain WHERE name ='localhost' 72219 PGSQL new connection: host=xyz port= database=operations user=abc 72219 PGSQL: no data found 72219 lookup failed 72219 chaos1.de in ""? no (end of list) 72219 chaos1.de in "+local_domains"? no (end of list) 72219 deny: condition test failed 72219 processing "accept" 72219 accept: condition test succeeded 72219 SMTP>> 250 OK 72219 SMTP<< RCPT TO: <[email protected]> -------------------------- I will will create a bug report and try to rewrite the acl to use $sender_address_domain for the test.
Axel --- [email protected] PGP-Key:29E99DD6 +49 151 2300 9283 computing @ chaos claudius -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
