[wellylug] Calling all Exim gurus
Rob Stockley
wellylug at mowgli.net.nz
Sat Mar 26 00:39:01 NZST 2005
Rob,
I no exim guru but I'd try using some whitespace between the domains, eg
deny hosts = +local_domains
domains = ebay.com : ebay.com.us : paypal.com
If that doesn't help I'd probably use the actual host name in place of
+local_domains. How are you linking the acl to the acl_smtp_rcpt option?
I've always used postfix in preference to exim but that's probably
because it's the first one I learned to use.
Rob
Darryl Hamilton wrote:
> Ok, I'm a bit stuck with this one. Got an eBay scammer using a server
> to send out the usual crap, and it's breaking stuff trying to comply.
>
> So, for two reasons, I want to tell Exim to block the sending of those
> emails, but I don't know how, having not used Exim all that much.
>
> Some criteria -
> 1) the mail is coming from the server itself, I'm guessing a jailshell
> but it could be a phpBB exploit or other web form based thing
> 2) So far, 3 email addresses are being used - awconfirm at ebay.com,
> service at ebay.com and awconfirm at ebay.com.us, so I want to block those
> three, plus any others that pop up later on.
>
> I'm thinking (hoping) this can be done with an ACL (or a mod to an
> existing one), and this is what I'm asking. So far, I have the
> following in acl_smtp_rcpt, which doesn't seem to be working
>
> deny hosts = +local_domains
> domains = ebay.com:ebay.com.us:paypal.com
>
>
> If you have any ideas or examples I can look at, please let me know.
> Also, if you have any ideas on how to find out where this shit is
> coming from, that would be very handy to know.
>
> Thanks
> Darryl
>
>
More information about the wellylug
mailing list