Ahoj, Dňa Thu, 2 Jun 2022 16:19:18 +0100 Jeremy Harris via Exim-users <[email protected]> napísal:
> I don't see that your config actually uses
> CHECK_RCPT_REMOTE_LOCALPARTS, having defined it.
It is, only not at start of the file, see:
...
acl_check_mail:
accept
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
acl_check_rcpt:
...
You (original poster) do not tell us how you did test it. The particular
ACL are run only for SMTP connection, thus will not stop to use eg. by
mailx, nor by batch SMTP (accepted at start of RCPT ACL). See here, how
you can test it (note the dot at RCPT start as restricted character) --
can be wrapped:
+ from remote machine:
swaks --server mail.example.org --to [email protected] --quit rcpt
=== Trying primex.skk:25...
...
-> RCPT TO:<[email protected]>
<** 550 restricted characters in address
...
+ from local host:
echo -e "EHLO kuk\nMAIL FROM:<[email protected]>\nRCPT
TO:<[email protected]>\nQUIT" | exim -bh 1.2.3.4 ...
>>> processing "deny" (/var/lib/exim4/config.autogenerated 439)
>>> check domains = !+local_domains
>>> example.org in "!+local_domains"? yes (end of list)
>>> check local_parts = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
>>> .user in "^[./|] : ^.*[@%!`#&?] : ^.*/\.\./"? yes (matched
>>> "^[./|]") message: restricted characters in address
>>> deny: condition test succeeded in ACL "acl_check_rcpt"
>>> end of ACL "acl_check_rcpt": DENY
550 restricted characters in address
LOG: H=[1.2.3.4] F=<[email protected]> rejected RCPT <[email protected]>:
restricted characters in address ...
As you can see, both examples ends in rejections that recipient.
You do not need to setup the CHECK_RCPT_*_LOCALPARTS macros, as they
have sane defaults on debian, only when one want to relax them or vice
versa...
regards
--
Slavko
https://www.slavino.sk
pgpeRmg0LEwgG.pgp
Description: Digitálny podpis OpenPGP
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
