Jay Sekora <[email protected]> (Fr 06 Sep 2019 20:49:21 CEST): > > For that reason I've published another mitigation method > > > > # to be prepended to your mail acl (the ACL referenced > > # by the acl_smtp_mail main config option) > > deny condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}} > > deny condition = ${if eq{\\}{${substr{-1}{1}{$tls_in_peerdn}}}} > > Thanks very much for that! Works fine on 4.86 (as shipped with Ubuntu > 16.04). > > On 4.82 as shipped with Ubuntu 14.04 (ick) on a host I unfortunately > can't upgrade quickly, the second deny condition (checking $tls_in_peerdn) > works fine but the first one complains that $tls_in_sni is an unknown > variable: > > failed to expand ACL string "${if eq{\\}{${substr{-1}{1}{$tls_in_sni}}}}": > unknown variable name "tls_in_sni" > > I've compared the documentation for SNI-related variables in the two > versions and see no obvious relevant difference. Am I missing something > obvious?
According the the Git log, the $tls_in_sni variable should be available for >= 4.81. For <4.81 $tls_sni was the name. Does "exim -be '$tls_in_sni'" complain too? And "exim -be '$tls_sni'"? -- Heiko
signature.asc
Description: PGP signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
