turn off a bit more for popcon.d.o

Signed-off-by: Stephen Gran <steve@lobefin.net>

diff --git a/modules/exim/templates/eximconf.erb b/modules/exim/templates/eximconf.erb
index 7b47197..feecf86 100644 (file)
--- a/modules/exim/templates/eximconf.erb
+++ b/modules/exim/templates/eximconf.erb
@@ -556,10 +556,18 @@ end
 out
 %>
 
+  warn    acl           = acl_getprofile
+          condition     = ${if eq{$acl_m_prf}{}}
+          set acl_m_prf = $acl_m_rprf
+
+  defer   condition     = ${if eq{$acl_m_prf}{$acl_m_rprf}{no}{yes}}
+          log_message   = Only one profile at a time, please
+
   # Defer after too many bad RCPT TO's.  Legit MTAs will retry later.
   # This is a rough pass at preventing addres harvesting or other mail blasts.
 
   defer  log_message   = Too many bad recipients ${eval:$rcpt_fail_count} out of $rcpt_count
+         condition     = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
          message       = Too many bad recipients, try again later
          !hosts        = +debianhosts
          condition     = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
@@ -567,12 +575,14 @@ out
   # Dump spambots that are so stupid they say helo as our IP address
 
   drop !hosts          = +debianhosts
+        condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
        condition       = ${if eq {$sender_helo_name}{$interface_address}{yes}{no}}
        message         = HELO mismatch Forged HELO for ($sender_helo_name)
 
   # Also for spambots that say helo as us or one of our domains
 
   drop !hosts          = +debianhosts
+        condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
        condition       = ${if match_domain{$sender_helo_name}{$primary_hostname:+handled_domains}}
        condition       = ${if !match{$sender_host_name}{${rxquote:$sender_helo_name}\N$\N}}
        message         = HELO mismatch Forged HELO for ($sender_helo_name)
@@ -587,6 +597,7 @@ out
   # say helo as a name in the list but we can't look them up
 
   defer !hosts         = +debianhosts
+        condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
         condition      = ${if eq{$acl_m_frg}{}{no}{yes}}
         condition      = ${if eq{$sender_host_name}{}{yes}{no}}
         condition      = ${if eq{$host_lookup_failed}{1}{no}{yes}}
@@ -595,6 +606,7 @@ out
   # If DNS works, go ahead and reject them
 
   drop  !hosts         = +debianhosts
+        condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
         condition      = ${if and { {!eq{$acl_m_frg}{}}{!match{$sender_host_name}{${rxquote:$acl_m_frg}\N$\N}}}{yes}{no}}
         message        = HELO mismatch Forged HELO for ($sender_helo_name)
 
@@ -635,13 +647,6 @@ out
           condition     = ${if match_local_part {$sender_address_local_part}{${extract{directory}{VDOMAINDATA}{${value}/neversenders}}}{1}{0}}
          message       = no mail should ever come from <$sender_address>
 
-  warn    acl           = acl_getprofile
-          condition     = ${if eq{$acl_m_prf}{}}
-          set acl_m_prf = $acl_m_rprf
-
-  defer   condition     = ${if eq{$acl_m_prf}{$acl_m_rprf}{no}{yes}}
-          log_message   = Only one profile at a time, please
-
   warn    condition     = ${if eq{$acl_m_prf}{localonly}}
           set acl_m_lrc = ${if eq{$acl_m_lrc}{}{$local_part@$domain}{$acl_m_lrc, $local_part@$domain}}
 
@@ -671,6 +676,7 @@ out
           !verify        = sender
 
   defer   !hosts         = +debianhosts
+          condition      = ${if eq {$acl_m_prf}{PopconMail}{no}{yes}}
           condition      = ${if >{${eval:$acl_c_scr+0}}{0}}
           ratelimit      = 10 / 60m / per_rcpt / $sender_host_address
           message        = slow down (no reverse dns, mismatched ehlo, dialup, or in blacklists)