Re: [exim] Trying to block by Reply-To/From headers match

Fri, 15 Jan 2021 20:54:09 -0800

From 
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html:
This condition tests the sender of the message against the given list... Warning: It is a bad idea to use this condition on its own as a control on relaying, because sender addresses are easily, and commonly, forged. 

Also from that section:
You cannot test the contents of the message, for example, to verify addresses in the headers, at RCPT time or when the DATA command is received. Such tests have to appear in the ACL that is run after the message itself has been received, before the final response to the DATA command is sent. This is the ACL specified by acl_smtp_data, which is the second ACL that is associated with the DATA command.
So in the acl_smtp_data you could put a custom condition and match against headers, e.g. $header_from and/or $h_reply-to. 

https://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html#SECTexpansionitems
Alternatively, if you are using spamassassin or another spam scoring system you can put a rule there. 

HTH,
Alex

On 16/01/21 3:25 pm, Konstantin Boyandin via Exim-users wrote:

Hello,

I am willing to block messages containing certain patterns in
From:/Reply-To: containing certain pattern.

I tried first blocking by senders: test configuration contains (right
below "begin acl"):

--- configuration snippet below
acl_check_sender:
    deny    senders = /etc/exim/sender_reject.list

    accept
--- configuration snippet above

and the mentioned /etc/exim/sender_reject.list contains

[email protected]
*@example.net
*@example.org

To block "[email protected]" and all senders from example.net and
example.org domains.

As far as I understood, the above only filters by the address reported
in "MAIL FROM" SMTP command (i.e., by Return-Path), which can be bogus.
How do I do correct filtering by Reply-To:/From: (using From: only if
Reply-To: is missing)?


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to