summaryrefslogtreecommitdiff
path: root/conf.d
diff options
context:
space:
mode:
authorpacien2019-08-22 09:40:38 +0200
committerpacien2019-08-22 09:40:38 +0200
commit71a792f0aebc12b322dfc0acbd904ac413e6ae60 (patch)
tree0445d909b3e34caae297511f9900ceb5908f9b27 /conf.d
parenta000287fda7809de68a15a497e0eb0cee6707e37 (diff)
downloadexim-71a792f0aebc12b322dfc0acbd904ac413e6ae60.tar.gz
acl: drop bad hosts conn with message
Diffstat (limited to 'conf.d')
-rw-r--r--conf.d/020_acl.conf7
1 files changed, 3 insertions, 4 deletions
diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf
index 6bfa6ae..c048b7d 100644
--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -42,7 +42,7 @@ acl_check_rcpt_host_policy:
42 42
43 # Deny messages from hosts known to be bad. 43 # Deny messages from hosts known to be bad.
44 drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net 44 drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net
45 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text 45 message = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
46 46
47 # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass). 47 # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass).
48 accept set acl_m_spf = ${run{SPF_QUERY_COMMAND \ 48 accept set acl_m_spf = ${run{SPF_QUERY_COMMAND \
@@ -54,7 +54,7 @@ acl_check_rcpt_host_policy:
54 54
55 # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail). 55 # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail).
56 drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}} 56 drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}}
57 set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \ 57 message = [SPF] $sender_host_address is not allowed to send mail from \
58 ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ 58 ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \
59 Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \ 59 Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \
60 {mfrom}{helo}};identity=${if def:sender_address_domain \ 60 {mfrom}{helo}};identity=${if def:sender_address_domain \
@@ -62,7 +62,7 @@ acl_check_rcpt_host_policy:
62 62
63 # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy. 63 # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy.
64 drop dnslists = pbl.spamhaus.org 64 drop dnslists = pbl.spamhaus.org
65 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text 65 message = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
66 66
67 accept 67 accept
68 68
@@ -115,7 +115,6 @@ acl_mta_rcpt:
115 message = Courtesy protocol violation: $acl_m_msg 115 message = Courtesy protocol violation: $acl_m_msg
116 116
117 require acl = acl_check_rcpt_host_policy 117 require acl = acl_check_rcpt_host_policy
118 message = $acl_m_msg
119 118
120 require acl = acl_check_rcpt_syntax 119 require acl = acl_check_rcpt_syntax
121 message = Syntactic validation failed: $acl_m_msg 120 message = Syntactic validation failed: $acl_m_msg