Am 27.12.22 um 01:58 schrieb Jarland Donnell via Exim-users:
Hey friends,I'e been getting some weird spam/virus email that seems to be causing an unexpected result with exim. I'll show you what I'm seeing, and I'm wondering if anyone has any ideas on how I can ACL out email addresses that actually have quotations in their envelope sender address
2022-12-26 18:20:59 1p9s5q-0007aL-2S <= ""@server12.sistemthfl[breakforfilters]ineamarket.com H=server12.sistemthflineamarket.com [91.234[breakforfilters].198.105] P=esmtps X=TLS1.2:ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=no S=9286
Add ' " ' here : deny message = Restricted characters in address domains = +local_domains local_parts = ^[.] : ^.*[\$@%!/|] : ^.*x24 : ^.*0.44It, if added, would deny any messages containing the " symbol. You may need to check, if an attempt with "x22" needs additional handling in this rule as for the $ char seen above.
Best regards, Marius
OpenPGP_0x048770A738345DD3.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
-- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
