# This logic gives you a list of commonly forged domains in helo to reject against
- warn set acl_m2 = ${lookup{$sender_helo_name} \
+ warn set acl_m_frg = ${lookup{$sender_helo_name} \
nwildlsearch{/etc/exim4/helo-check} \
{${if eq{$value}{}{$sender_helo_name}{$value}}}{}}
# say helo as a name in the list but we can't look them up
defer !hosts = +debianhosts
- condition = ${if eq{$acl_m2}{}{no}{yes}}
+ condition = ${if eq{$acl_m_frg}{}{no}{yes}}
condition = ${if eq{$sender_host_name}{}{yes}{no}}
condition = ${if eq{$host_lookup_failed}{1}{no}{yes}}
message = Access temporarily denied. Resolve failed PTR for $sender_host_address
# If DNS works, go ahead and reject them
- drop !hosts = +debianhosts
- condition = ${if and { {!eq{$acl_m2}{}}{!match{$sender_host_name}{${rxquote:$acl_m2}\N$\N}}}{yes}{no}}
+ drop !hosts = +debianhosts
+ condition = ${if and { {!eq{$acl_m_frg}{}}{!match{$sender_host_name}{${rxquote:$acl_m_frg}\N$\N}}}{yes}{no}}
message = HELO mismatch Forged HELO for ($sender_helo_name)
# disabled accounts don't even get local mail.
condition = ${if match_local_part {$sender_address_local_part}{${extract{directory}{VDOMAINDATA}{${value}/neversenders}}}{1}{0}}
message = no mail should ever come from <$sender_address>
- warn condition = ${if eq{$acl_m6}{}}
+ warn condition = ${if eq{$acl_m_lcl}{}}
acl = acl_localonly
- set acl_m6 = localonly
- set acl_m7 = ${if eq{$acl_m7}{}{$local_part@$domain}{$acl_m7, $local_part@$domain}}
+ set acl_m_lcl = localonly
+ set acl_m_lrc = ${if eq{$acl_m_lrc}{}{$local_part@$domain}{$acl_m_lrc, $local_part@$domain}}
- warn condition = ${if eq{$acl_m6}{}}
+ warn condition = ${if eq{$acl_m_lcl}{}}
!acl = acl_localonly
- set acl_m6 = normal
+ set acl_m_lcl = normal
- defer condition = ${if eq{$acl_m6}{localonly}}
+ defer condition = ${if eq{$acl_m_lcl}{localonly}}
!acl = acl_localonly
log_message = Only one profile at a time, please
- defer condition = ${if eq{$acl_m6}{normal}}
+ defer condition = ${if eq{$acl_m_lcl}{normal}}
acl = acl_localonly
log_message = Only one profile at a time, please
%>
acl_check_predata:
- deny condition = ${if eq{$acl_m6}{localonly}}
- message = mail for $acl_m7 is only accepted internally
+ deny condition = ${if eq{$acl_m_lcl}{localonly}}
+ message = mail for $acl_m_lrc is only accepted internally
accept