diff options
author | pacien | 2019-08-22 09:40:38 +0200 |
---|---|---|
committer | pacien | 2019-08-22 09:40:38 +0200 |
commit | 71a792f0aebc12b322dfc0acbd904ac413e6ae60 (patch) | |
tree | 0445d909b3e34caae297511f9900ceb5908f9b27 | |
parent | a000287fda7809de68a15a497e0eb0cee6707e37 (diff) | |
download | exim-71a792f0aebc12b322dfc0acbd904ac413e6ae60.tar.gz |
acl: drop bad hosts conn with message
-rw-r--r-- | conf.d/020_acl.conf | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf index 6bfa6ae..c048b7d 100644 --- a/conf.d/020_acl.conf +++ b/conf.d/020_acl.conf | |||
@@ -42,7 +42,7 @@ acl_check_rcpt_host_policy: | |||
42 | 42 | ||
43 | # Deny messages from hosts known to be bad. | 43 | # Deny messages from hosts known to be bad. |
44 | drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net | 44 | drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net |
45 | set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text | 45 | message = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text |
46 | 46 | ||
47 | # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass). | 47 | # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass). |
48 | accept set acl_m_spf = ${run{SPF_QUERY_COMMAND \ | 48 | accept set acl_m_spf = ${run{SPF_QUERY_COMMAND \ |
@@ -54,7 +54,7 @@ acl_check_rcpt_host_policy: | |||
54 | 54 | ||
55 | # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail). | 55 | # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail). |
56 | drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}} | 56 | drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}} |
57 | set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \ | 57 | message = [SPF] $sender_host_address is not allowed to send mail from \ |
58 | ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ | 58 | ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ |
59 | Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \ | 59 | Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \ |
60 | {mfrom}{helo}};identity=${if def:sender_address_domain \ | 60 | {mfrom}{helo}};identity=${if def:sender_address_domain \ |
@@ -62,7 +62,7 @@ acl_check_rcpt_host_policy: | |||
62 | 62 | ||
63 | # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy. | 63 | # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy. |
64 | drop dnslists = pbl.spamhaus.org | 64 | drop dnslists = pbl.spamhaus.org |
65 | set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text | 65 | message = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text |
66 | 66 | ||
67 | accept | 67 | accept |
68 | 68 | ||
@@ -115,7 +115,6 @@ acl_mta_rcpt: | |||
115 | message = Courtesy protocol violation: $acl_m_msg | 115 | message = Courtesy protocol violation: $acl_m_msg |
116 | 116 | ||
117 | require acl = acl_check_rcpt_host_policy | 117 | require acl = acl_check_rcpt_host_policy |
118 | message = $acl_m_msg | ||
119 | 118 | ||
120 | require acl = acl_check_rcpt_syntax | 119 | require acl = acl_check_rcpt_syntax |
121 | message = Syntactic validation failed: $acl_m_msg | 120 | message = Syntactic validation failed: $acl_m_msg |