I keep feeling rather uneasy at the original example Arkadiusz mentioned:
^test@$primary_hostname "$h_from:"Ffs
^test@$primary_hostname "" Ffs
I thought that the replacement string should be an email address, not the
(entire) value of a "From:" header? For example
On Thursday 14 of July 2016, Jeremy Harris wrote:
> On 13/07/16 21:45, Arkadiusz Miśkiewicz wrote:
> > Scenario:
> >
> > ^test@$primary_hostname "$h_from:"Ffs
> > ^test@$primary_hostname "" Ffs
> >
> > First rule in some cases will return "yielded unparseable
Hi,
Do you check for compromissed account? Who is faisal.alaz...@aldimna.com ?
Best Regards.
> Оригинално писмо
>От: Flan AlFlani solo9...@hotmail.com
>Относно: Re: [exim] Exim server maillog are flood by spam attemps?
>До: kuncho pencho
>Изпратено на:
On 13.07.2016 06:07, Flan AlFlani wrote:
My log is flooded with those spam attemps and I wonder if there is a ACL can
stop those attemps.
These are not attempts, but successful misuse of your server as an open
relay! 1st example:
2016-07-09 22:00:32 [2252] 1bM4ys-aK-QP
On 13/07/16 21:45, Arkadiusz Miśkiewicz wrote:
> Scenario:
>
> ^test@$primary_hostname "$h_from:"Ffs
> ^test@$primary_hostname "" Ffs
>
> First rule in some cases will return "yielded unparseable address:
> empty address in address" which is fine and expected.
>
>