Hi All.
I am having an issue coming up with the correct syntax on a deny. I want to
deny where the FROM: address is in the recipients list and the sender is NOT
authenticated. (And I have similar rules that check the sender instead of
from:. However, I want to exclude mailing list postings, for example, or all
mail to a specific local domain. The idea is that all valid users of the
system, for domains we host, should not be sending mail to themselves or others
in their domains EXCEPT through our smtp servers. Things that legitimately
place the FROM: address like a mail list posting, that is not originating with
our servers, should be excepted. And there may be a hosted domain or two that
we need to exclude. (The reason is that we still see lots of spam being sent
where they put in the recipients email address as the FROM: address to try and
"sneak" it past filters, and similar shenanigans. Not as much as a few years
ago, but still a significant number a day. The example rules is but one of a
bunch that trap on similar "sneakiness"
All these are in the ACL after the DATA (check_message: in my case, which was
from the exim3 to exim4 auto convert process) (the error code is a bogus thing
for them to digest :) )
The lines
deny message = *************************** go away from impostor!
(error code XXFA)
condition = ${if
match_address{${address:$header_from:}}{$recipients}{yes}{no}}
!authenticated = *
will block when the FROM and recipients match and it is not authenticated, and
is what I am using, but it blocks the list sourced mail messages sent by our
users to mailing lists when they come back through the list.
I have tried all of the following and various other tries similar and they
don't work. They still block the mail from lists
deny message = *************************** go away from impostor!
(error code XXFA)
condition = ${if and { \
{ match_address{${address:$header_from:}}{$recipients}} \
{ !match{lc:$header_Precedence:}{"list"}} \
}{yes}{no}}
!authenticated = *
and
deny message = *************************** go away from impostor!
(error code XXFA)
condition = ${if
match_address{${address:$header_from:}}{$recipients}{yes}{no}}
condition = ${if !match{lc:$header_Precedence:}{"list"}{yes}{no}}
!authenticated = *
and
deny message = *************************** go away from impostor!
(error code XXFA)
condition = ${if
match_address{${address:$header_from:}}{$recipients}{yes}{no}}
!condition = ${if match{lc:$header_Precedence:}{"list"}{yes}{no}}
!authenticated = *
Any guidance on properly specifying the condition would be appreciated.
Thanks
Chad
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
