On 12/02/2014 02:37 AM, Фадеев Виталий Львович wrote: > I forgot to comment that this ACL doesnt work in Exim 4.84 > > > Tue, 02 Dec 2014 13:11:32 +0300 от Фадеев Виталий Львович <[email protected]>: >> Hi! >> Please, write proper ACL to FAQ: >> >> https://github.com/Exim/exim/wiki/AclHeloTricks >> >> HELO contain a IP part >> drop message = Helo name contains a ip address (HELO was >> $sender_helo_name) and not is valid >> condition = ${if >> match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} >> condition = ${if match {${lookup dnsdb{>: >> defer_never,ptr=$sender_host_address}}}{$sender_helo_name}{no}{yes}} >> delay = 45s >> >> HELO contain my domains, subdomains or my interface by dns lookup >> >> drop message = No you are not ME or OURS (HELO was >> $sender_helo_name and equal my interface hostname) >> condition = ${if !def:interface_address {no}{yes}} >> condition = ${if match_ip{$interface_address}{${lookup dnsdb{>: >> defer_never,a=$sender_helo_name}}}{yes}{no}} >> delay = 45s >> >> HELO not contain a full host (ex: host.domain.com) >> drop message = Invalid domain or IP given in HELO/EHLO (HELO was >> $sender_helo_name) >> condition = ${if >> match{$sender_helo_name}{.+\\\..+\\\..+}{no}{yes}} >> !authenticated = * >> !senders = wildlsearch;/etc/exim4/lst/skp_helodot >> !hosts = +ignore_defer : +ignore_unknown : +relay_from_hosts >> : net-iplsearch;/etc/exim4/lst/skp_heloadsl >> condition = ${if match_ip{$sender_host_address}{${lookup >> dnsdb{>: defer_lax,a=${lookup dnsdb{>: >> defer_lax,mxh=$sender_address_domain}}}}}{no}{yes}} >> delay = 45s The first of these should work, but the other two fail as of version 4.77, because they contain expansion variables in the second parameter of the condition match_ip. Are you suggesting that none of them work?
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
