From a000287fda7809de68a15a497e0eb0cee6707e37 Mon Sep 17 00:00:00 2001
From: pacien
Date: Wed, 21 Aug 2019 22:33:44 +0200
Subject: acl: drop connection from bad hosts

---
 conf.d/020_acl.conf | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf
index 19a6918..6bfa6ae 100644
--- a/conf.d/020_acl.conf
+++ b/conf.d/020_acl.conf
@@ -41,7 +41,7 @@ acl_check_rcpt_host_policy:
            control       = dkim_disable_verify
 
   # Deny messages from hosts known to be bad.
-  deny     dnslists      = sbl-xbl.spamhaus.org : bl.spamcop.net
+  drop     dnslists      = sbl-xbl.spamhaus.org : bl.spamcop.net
            set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
 
   # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass).
@@ -53,7 +53,7 @@ acl_check_rcpt_host_policy:
            condition     = ${if eq {$acl_m_spf}{0}{yes}{no}}
 
   # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail).
-  deny     condition     = ${if eq {$acl_m_spf}{1}{yes}{no}}
+  drop     condition     = ${if eq {$acl_m_spf}{1}{yes}{no}}
            set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \
                            ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \
                            Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \
@@ -61,7 +61,7 @@ acl_check_rcpt_host_policy:
                              {$sender_address}{$sender_helo_name}};ip=$sender_host_address
 
   # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy.
-  deny     dnslists      = pbl.spamhaus.org
+  drop     dnslists      = pbl.spamhaus.org
            set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
 
   accept
-- 
cgit v1.2.3