[prev in list] [next in list] [prev in thread] [next in thread]
List: exim-users
Subject: Re: [Exim] blocking fake yahoo and hotmail
From: Victor Ustugov <victor () corvax ! kiev ! ua>
Date: 2003-11-30 14:52:27
[Download RAW message or body]
Kevin Reed wrote:
> > > If HELO yahoo.com comes from an IP with non yahoo rDNS, DENY - don't
> > > waste time deferring it.
> >
> > Nice idea. Do you have that recipe in acl syntax for a cookbook?
>
> There is a sample of it on the forum.
>
> http://exim.got-there.com/forums/viewtopic.php?p=465#465
There will be problems with checking if nameserver be inaccessible.
Here is a modified variant:
# Check Certain HELO's against what their hostname is supposed to be
warn set acl_m9 = ${lookup{$sender_helo_name} \
partial-lsearch{/usr/local/exim/helo-check} \
{${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
defer condition = ${if eq{$acl_m9}{}{no}{yes}}
condition = ${if eq{$sender_host_name}{}{yes}{no}}
condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
message = Access temporarily denied. Cannot resolve PTR
record for $sender_host_address
drop log_message = HELO MISMATCH Forged HELO for ($sender_helo_name)
condition = ${if and { \
{!eq{$acl_m9}{}} \
{!match{$sender_host_name}{${rxquote:$acl_m9}\N$\N}} \
} \
{yes}{no}}
delay = 30s
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Best wishes Victor Ustugov mailto:victor@corvax.kiev.ua
ICQ UIN: 77186900, 32418694 nic-handle: CRV2-RIPE, CRV-UANIC
--
## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at \
http://www.exim.org/ ##
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic