LinkBack URL
About LinkBacks
Please check my Exim ACL 's (r they ok?)
Can anybody check my Exim ACL 's and tell me if it is okay? I feel they are messed up just a little bit..
PS: Using:Code:check_recipient: accept hosts = : accept condition = ${if eq{$interface_port}{587}{yes}{no}} endpass message = SMTP authentication required for access on port 587 authenticated = * deny delay = 5s message = IP address ($sender_helo_name) is not an allowed HELO string condition = ${if isip {$sender_helo_name}} log_message = HELO string $sender_helo_name denied from $sender_host_address deny !sender_domains = lsearch;/etc/localdomains !senders = @@lsearch;/etc/localsenders !hosts = +relay_hosts !hosts = /etc/exim_rbl_whitelist !authenticated = * delay = 5s message = rejected because $sender_host_address in a black list at \ $dnslist_domain\n$dnslist_text dnslists = sbl-xbl.spamhaus.org : list.dsbl.org : dnsbl.ahbl.org : \ relays.ordb.org : bl.spamcop.net drop hosts = /etc/exim_deny !hosts = /etc/exim_deny_whitelist delay = 5s message = Connection denied for 1 hour after dictionary attack log_message = Connection denied from $sender_host_address after dictionary attack drop !verify = recipient !hosts = /etc/exim_deny_whitelist delay = 5s message = Appears to be a dictionary attack log_message = Dictionary attack (after $rcpt_fail_count failures) condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}} condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}} # Accept bounces to lists even if callbacks or other checks would fail warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}}{yes}{no}} accept condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}_${lc:$domain}/config.pck}}}{yes}{no}} warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}}{yes}{no}} accept condition = ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {/usr/local/cpanel/3rdparty/mailman/lists/${lc:$1}/config.pck}}}{yes}{no}} #if it gets here it isn't mailman #sender verifications are required for all messages that are not sent to lists #recipient verifications are required for all messages that are not sent to the local machine #this was done at multiple users requests require verify = sender accept domains = +local_domains endpass message = Please check all recipients of this message to verify they are valid. verify = recipient accept domains = +relay_domains warn message = ${perl{popbeforesmtpwarn}{$sender_host_name}} hosts = +relay_hosts accept hosts = +relay_hosts warn message = ${perl{popbeforesmtpwarn}{$sender_host_address}} condition = ${perl{checkrelayhost}{$sender_host_address}} accept condition = ${perl{checkrelayhost}{$sender_host_address}} accept hosts = +auth_relay_hosts endpass message = $sender_fullhost is currently not permitted to relay. Please enable SMTP Authentication in your email client. authenticated = * deny delay = 10s message = $sender_fullhost is currently not permitted to relay. Please enable SMTP Authentication in your email client. #!!# ACL that is used after the DATA command check_message: require verify = header_sender ######## EXISCAN ACL ######### deny delay = 10s message = This message contains malware ($malware_name). malware = * deny delay = 1s message = No $found_extension attachments are allowed here. Resend them in ZIP or RAR files. demime = ade:adp:bas:bat:cmd:com:cpl:crt:hta:lnk:pif:prf:scr:url:vbs:vbe:wsh:wsc warn message = X-Antivirus: Clear (${readsocket{/var/clamd}{VERSION}{2s}{}{Clam AntiVirus Scanner 0.87.1}}) ######## EXISCAN ACL ######### acceptCode:av_scanner = clamd:/var/clamd
Reply With Quote
