summaryrefslogtreecommitdiff
path: root/conf.d
diff options
context:
space:
mode:
authorpacien2019-08-21 22:33:44 +0200
committerpacien2019-08-21 22:33:44 +0200
commita000287fda7809de68a15a497e0eb0cee6707e37 (patch)
treeb8dd4909afb4ba16d099b2aec10912752f16a35d /conf.d
parent97655c8806aa127ddd5fc397a7412adb829f371f (diff)
downloadexim-a000287fda7809de68a15a497e0eb0cee6707e37.tar.gz
acl: drop connection from bad hosts
Diffstat (limited to 'conf.d')
-rw-r--r--conf.d/020_acl.conf6
1 files changed, 3 insertions, 3 deletions
diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf
index 19a6918..6bfa6ae 100644
--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -41,7 +41,7 @@ acl_check_rcpt_host_policy:
41 control = dkim_disable_verify 41 control = dkim_disable_verify
42 42
43 # Deny messages from hosts known to be bad. 43 # Deny messages from hosts known to be bad.
44 deny dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net 44 drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net
45 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text 45 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
46 46
47 # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass). 47 # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass).
@@ -53,7 +53,7 @@ acl_check_rcpt_host_policy:
53 condition = ${if eq {$acl_m_spf}{0}{yes}{no}} 53 condition = ${if eq {$acl_m_spf}{0}{yes}{no}}
54 54
55 # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail). 55 # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail).
56 deny condition = ${if eq {$acl_m_spf}{1}{yes}{no}} 56 drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}}
57 set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \ 57 set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \
58 ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ 58 ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \
59 Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \ 59 Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \
@@ -61,7 +61,7 @@ acl_check_rcpt_host_policy:
61 {$sender_address}{$sender_helo_name}};ip=$sender_host_address 61 {$sender_address}{$sender_helo_name}};ip=$sender_host_address
62 62
63 # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy. 63 # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy.
64 deny dnslists = pbl.spamhaus.org 64 drop dnslists = pbl.spamhaus.org
65 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text 65 set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
66 66
67 accept 67 accept