From a000287fda7809de68a15a497e0eb0cee6707e37 Mon Sep 17 00:00:00 2001 From: pacien Date: Wed, 21 Aug 2019 22:33:44 +0200 Subject: acl: drop connection from bad hosts --- conf.d/020_acl.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'conf.d') diff --git a/conf.d/020_acl.conf b/conf.d/020_acl.conf index 19a6918..6bfa6ae 100644 --- a/conf.d/020_acl.conf +++ b/conf.d/020_acl.conf @@ -41,7 +41,7 @@ acl_check_rcpt_host_policy: control = dkim_disable_verify # Deny messages from hosts known to be bad. - deny dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net + drop dnslists = sbl-xbl.spamhaus.org : bl.spamcop.net set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text # Accept if the host is an authorized sender according to the SPF policy for the domain (SPF pass). @@ -53,7 +53,7 @@ acl_check_rcpt_host_policy: condition = ${if eq {$acl_m_spf}{0}{yes}{no}} # Deny if the host is explicitely not an authorized sender according to the SPF policy for the domain (SPF fail). - deny condition = ${if eq {$acl_m_spf}{1}{yes}{no}} + drop condition = ${if eq {$acl_m_spf}{1}{yes}{no}} set acl_m_msg = [SPF] $sender_host_address is not allowed to send mail from \ ${if def:sender_address_domain {$sender_address_domain}{$sender_helo_name}}. \ Please see http://www.openspf.org/Why?scope=${if def:sender_address_domain \ @@ -61,7 +61,7 @@ acl_check_rcpt_host_policy: {$sender_address}{$sender_helo_name}};ip=$sender_host_address # Deny messages from hosts listed as non-MTA in the PBL, for which SPF couldn't determine a policy. - deny dnslists = pbl.spamhaus.org + drop dnslists = pbl.spamhaus.org set acl_m_msg = [RBL] $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text accept -- cgit v1.2.3