Приходит много спама и судя по всему не выполняеться acl_check_rcpt, т.к в спаме в HELLO ip адреса и всякие dsl и ppoe вставляют, а он их пропускает. Что делать?
Вот кусок конфига, он с сайта:
Код: Выделить всё
primary_hostname = mx.null.ru
hide mysql_servers = localhost/exim/exim/exim
domainlist local_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
domainlist relay_to_domains = ${lookup mysql{SELECT `domain` FROM `domain` WHERE `domain`='${domain}' AND `active`='1'}}
hostlist relay_from_hosts = 127.0.0.1 : 192.168.32.0/24
acl_smtp_rcpt = acl_check_rcpt
acl_smtp_data = acl_check_data
qualify_domain = mx.null.ru
qualify_recipient = mx.null.ru
exim_user = mailnull
exim_group = mail
never_users = root
rfc1413_hosts = *
rfc1413_query_timeout = 0s
ignore_bounce_errors_after = 45m
timeout_frozen_after = 7d
auto_thaw =1h
smtp_banner = "$primary_hostname, ESMTP EXIM $version_number"
smtp_accept_max = 50
smtp_accept_max_per_connection = 25
smtp_accept_max_per_host = 20
split_spool_directory = true
#smtp_enforce_sync = false
freeze_tell = error@lesk.ru
helo_accept_junk_hosts = 192.168.0.0/16
message_size_limit = 64M
helo_allow_chars = _
smtp_enforce_sync = true
log_selector = +all_parents +connection_reject +incoming_interface +lost_incoming_connection +received_sender +received_recipients +smtp_confirmation +smtp_syntax_error +smtp_protocol_error -queue_run
syslog_timestamp = no
begin acl
acl_check_rcpt:
accept hosts = 0.0.0.0/32
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
deny message = "HELO/EHLO - require by SMTP RFC"
condition = ${if eq{$sender_helo_name}{}{yes}{no}}
accept authenticated = *
deny condition = ${if >={$rcpt_fail_count}{2} {1}{0}}
log_message = Too many rcpt_fail_count (${eval:$rcpt_fail_count+1})
message = Reject. Too many unknown recipients.
deny condition = ${if match{$sender_host_name} \
{\N((?>\w+[\.|\-]){2,})\N}{yes}{no}}
hosts = !+relay_from_hosts
log_message = TOO MANY
accept hosts = +relay_from_hosts
control = submission
deny message = "You IP in HELO - access denied!"
hosts = * : !+relay_from_hosts
condition = ${if eq{$sender_helo_name}\
{$sender_host_address}{true}{false}}
deny condition = ${if eq{$sender_helo_name}\
{$interface_address}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "main IP in your HELO! Access denied!"
deny condition = ${if match{$sender_helo_name}\
{\N^\d+$\N}{yes}{no}}
hosts = !127.0.0.1 : !localhost : *
message = "can not be only number in HELO!"
deny message = "you hostname is bad (adsl, poll, ppp & etc)."
condition = ${if match{$sender_host_name} \
{dsl|dial|dialup|dial-up|dsl|dynamic|pppoe|pool|peer|dhcp} \
{yes}{no}}
deny message = We don't need spam!
hosts = !+relay_from_hosts : *
condition = ${if isip{[$sender_helo_name]}{yes}{no}}
log_message = IP
delay = 30s
accept
warn
set acl_m0 = 20s
warn
hosts = +relay_from_hosts:192.168.0.0/16
set acl_m0 = 0s
accept domains =+local_domains
endpass
message ="In my mailserver not stored this user"
verify =recipient
accept domains =+relay_to_domains
endpass
message ="main server don't know how relay to this address"
verify =recipient
deny message = "You in blacklist - $dnslist_domain \n $dnslist_text"
dnslists = opm.blitzed.org : cbl.abuseat.org : bl.cmsa.biz : dynablock.njabl.org : dul.ru : db.wpbl.info : combined.dynablock.org
log_message = DNSBL
accept hosts =+relay_from_hosts
deny message = "NOT!!!"
