Re: [Exim-users] verify=sender/callout

Thu, 03 Jan 2013 07:53:37 -0800 

> From: Alexander Titaev

> >> почему бы не делать это выборочно, для странных адресов

>         deny
>         hosts  = !+relay_hosts
>         condition = ${if and {\
>                 {match{$sender_helo_name}{\N^[-a-z0-9]+\.\w{3}$\N}} \
>                 {eq{$sender_host_name}{}} \
>                         }{yes}{no}}
>         !verify = sender/callout

Сначала грейлистинг, потом задержка, и только после этого
(до этого места доходит весьма редко) callout:

acl_check_rcpt:
...
  warn set acl_m_greyfile = $spool_directory/greylist/${length_255:\
     ${sg{$sender_host_address}{\N\.\d+$\N}{}},\
     ${sg{$sender_address,$local_part@$domain}{\N[^\w.,=@-]\N}{}}}
...
  require verify        = sender
...
(здесь насчет auth и relay_from_hosts, с отлавливанием спамеров:
http://mailground.net/pipermail/exim-users/2012-August/000793.html ,
а также deny и accept по разным проверкам и  черным и белым спискам:
http://lena.kiev.ua/Lena-eximconf-run.txt ) 
...
  defer  condition = ${if def:acl_c_grey_checked}
         message = $acl_c_grey_checked
         condition = $acl_c_grey_result

  accept condition = ${if def:acl_c_grey_checked}
...
  defer  log_message = greylisted because no hostname
         condition = ${if !def:sender_host_name}
         set acl_c_grey_checked = deferred/greylisted because \
                $sender_host_address doesn't resolve to hostname or the \
                hostname doesn't resolve back to $sender_host_address
         message = $acl_c_grey_checked
         set acl_c_grey_result = ${if exists{$acl_m_greyfile}\
           {${if >{${eval:$tod_epoch-\
           ${extract{mtime}{${stat:$acl_m_greyfile}}}}}{180}{0}{1}}}\
           {${if eq{${run{/usr/bin/touch $acl_m_greyfile}}}{}{1}{1}}}}
         condition = $acl_c_grey_result

  deny   condition = ${if def:acl_c_grey_checked}
         logwrite = passed greylisting no hostname - delaying \
                    ${sg{$sender_rcvhost}{\N[\n\t]+\N}{\040}}
         delay = 22s
         logwrite = passed greylisting no hostname, endured delay \
                    ${sg{$sender_rcvhost}{\N[\n\t]+\N}{\040}}
         !verify = sender/callout=10s,defer_ok

  accept condition = ${if def:acl_c_grey_checked}
         add_header = X-OOOOOOOOOOOOOOOOOOOOOOOOOO: passed greylisting \
                      no hostname
...
(то же самое при нескольких других условиях)
...

Чтобы использовать это, надо создать директорию и cron job по инструкции
https://github.com/Exim/exim/wiki/DbLessGreyListingRun

_______________________________________________
Exim-users mailing list
[email protected]
http://mailground.net/mailman/listinfo/exim-users

Ответить