[exim] Verify sender ignored

Thu, 07 Jul 2011 11:36:01 -0700

Hello, I'm trying to verify the sender of my messages so that my users (authenticated) can't send with FROM something like [email protected], but with the real and public email address. But actually every senders is accepted. This is my ACL, I suppose that deny !verify = sender/callout (or without callout) will do the job, but it's not, every sender is accepted: 

begin acl

acl_check_rcpt:

    accept hosts = :
            control = dkim_disable_verify
    deny !verify = sender/callout
    accept hosts = +relay_from_hosts
            control = dkim_disable_verify
    accept authenticated = *
            control = dkim_disable_verify
drop condition = ${if match{$sender_helo_name}{^[0-9]\.[0-9]\.[0-9]\.[0-9]}{yes}{no} } 
         message   = "Dropped IP-only or IP-starting helo"
drop condition = ${if !match{$sender_helo_name}{\N.*[A-Za-z].*\..*[A-Za-z].*\N}{yes}{no}} 
         message = HELO should be fully qualified domain name. See RFC821
deny condition = ${if or{{!def:sender_helo_name}{eq{$sender_helo_name}{}}}{yes}{no}} message = RFCs mandate HELO/EHLO before mail can be sent 

   deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]

  deny    message       = Restricted characters in address
          domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./

  require verify        = sender

  deny
message = [SPF] $sender_host_address is not allowed to send mail \ 
                    from $sender_address_domain.
      log_message = SPF check failed.
      set acl_m9  = -ipv4=$sender_host_address \
                    -sender=$sender_address \
                    -helo=$sender_helo_name
      set acl_m9  = ${run{/usr/bin/spfquery $acl_m9}}
      condition   = ${if eq {$runrc}{1}{true}{false}}

  accept  domains       = +local_domains
        control = dkim_disable_verify
          endpass
          verify        = recipient

  accept  domains       = +relay_to_domains
        control = dkim_disable_verify
          endpass
          verify        = recipient

    accept  hosts         = +relay_from_hosts
     control = dkim_disable_verify

  deny    message       = Relay not permitted
  accept hosts          = 127.0.0.1:+relay_from_hosts


  accept


****

Where is my fault? Thanks!

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to