Отключение проверки на RBL

EXIM, sendmail, postfix, Dovecot и прочие. Решение проблем связанных с работой электронной почты

Модератор: xM

Правила форума
Убедительная просьба юзать теги [code] при оформлении листингов.
Сообщения не оформленные должным образом имеют все шансы быть незамеченными.
Аватара пользователя
Agronom
ст. сержант
Сообщения: 305
Зарегистрирован: 2006-12-11 10:30:13

Отключение проверки на RBL

Непрочитанное сообщение Agronom » 2011-09-26 9:06:53

Как отключить для определенного пользователя проверку на черные списки?
Попробовал вот так, не помогло:

Код: Выделить всё

  ######################################################################
  #                       ACL CONFIGURATION                            #
  #         Specifies access control lists for incoming SMTP mail      #
  ######################################################################
 
  begin acl
  
  acl_check_sender:
  deny
  log_message = mach host_reject.list
  senders = /etc/exim/reject.list
  accept
                  
 
 # This access control list is used for every RCPT command in an incoming
 # SMTP message. The tests are run in order until the address is either
 # accepted or denied.
          
 acl_check_rcpt:
                  
 # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
 # testing for an empty sending host field.
                      
accept  hosts = :

#############################################################################
# The following section of the ACL is concerned with local parts that contain
# @ or % or ! or / or | or dots in unusual places.
#
# The characters other than dots are rarely found in genuine local parts, but
# are often tried by people looking to circumvent relaying restrictions.
# Therefore, although they are valid in local parts, these rules lock them
# out, as a precaution.
#
# Empty components (two dots in a row) are not valid in RFC 2822, but Exim
# allows them because they have been encountered. (Consider local parts
# constructed as "firstinitial.secondinitial.familyname" when applied to
# someone like me, who has no second initial.) However, a local part starting
# with a dot or containing /../ can cause trouble if it is used as part of a
# file name (e.g. for a mailing list). This is also true for local parts that
# contain slashes. A pipe symbol can also be troublesome if the local part is
# incorporated unthinkingly into a shell command line.
#
# Two different rules are used. The first one is stricter, and is applied to
# messages that are addressed to one of the local domains handled by this
# host. It blocks local parts that begin with a dot or contain @ % ! / or |.
# If you have local accounts that include these characters, you will have to
# modify this rule.
#message       = Restricted characters in address
                                                                      
deny    domains       = +local_domains
        local_parts   = ^[.] : ^.*[@%!/|]

deny    message       = Restricted sender in address
            domains       = +local_domains
            local_parts   = match /etc/exim/rejected_to.list
            !hosts = 127.0.0.1 : +relay_from_hosts

                                                  
# The second rule applies to all other domains, and is less strict. This
# allows your own users to send outgoing messages to sites that use slashes
# and vertical bars in their local parts. It blocks local parts that begin
# with a dot, slash, or vertical bar, but allows these characters within the
# local part. However, the sequence /../ is barred. The use of @ % and ! is
# blocked, as before. The motivation here is to prevent your users (or
# your users' viruses) from mounting certain kinds of attack on remote sites.
#message       = Restricted characters in address

  deny    domains       = !+local_domains
          local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
# mailbox for spamtrap          
deny        message = You aren't authorized to send on this address
domains       = +local_domains
                local_parts   = ^.*frdc* : /etc/exim/rejected_to.list       
                local_parts   = /etc/exim/rejected_to.list 
#############################################################################
                                      
# Accept mail to postmaster in any local domain, regardless of the source,
# and without verifying the sender.
                                                          
accept  local_parts   = postmaster
        domains       = +local_domains
# Deny unless the sender address can be verified.
require verify        = sender

#############################################################################
# There are no checks on DNS "black" lists because the domains that contain
# these lists are changing all the time. However, here are two examples of
# how you could get Exim to perform a DNS black list lookup at this point.
# The first one denies, while the second just warns.
#
# deny    message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
#         dnslists      = black.list.example
#

accept    condition = ${if match {$local_part}{prohorov}{yes}}

deny      message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
                     !hosts = +trusted_hosts_list           
                     dnslists      = zen.spamhaus.org : http.dnsbl.sorbs.net : socks.dnsbl.sorbs.net : smtp.dnsbl.sorbs.net : dul.ru : dul.dnsbl.sorbs.net : dynablock.njabl.org 

Хостинговая компания Host-Food.ru
Хостинг HostFood.ru
 

Услуги хостинговой компании Host-Food.ru

Хостинг HostFood.ru

Тарифы на хостинг в России, от 12 рублей: https://www.host-food.ru/tariffs/hosting/
Тарифы на виртуальные сервера (VPS/VDS/KVM) в РФ, от 189 руб.: https://www.host-food.ru/tariffs/virtualny-server-vps/
Выделенные сервера, Россия, Москва, от 2000 рублей (HP Proliant G5, Intel Xeon E5430 (2.66GHz, Quad-Core, 12Mb), 8Gb RAM, 2x300Gb SAS HDD, P400i, 512Mb, BBU):
https://www.host-food.ru/tariffs/vydelennyi-server-ds/
Недорогие домены в популярных зонах: https://www.host-food.ru/domains/

Аватара пользователя
skeletor
майор
Сообщения: 2548
Зарегистрирован: 2007-11-16 18:22:04

Re: Отключение проверки на RBL

Непрочитанное сообщение skeletor » 2011-09-26 11:10:47

Вот так:

Код: Выделить всё

hosts         = !10.1.0.0/16 : !127.0.0.1 : !+relay_from_hosts
domains       = !+local_domains:!+relay_from_domains

Аватара пользователя
Agronom
ст. сержант
Сообщения: 305
Зарегистрирован: 2006-12-11 10:30:13

Re: Отключение проверки на RBL

Непрочитанное сообщение Agronom » 2011-09-26 11:15:46

skeletor писал(а):Вот так:

Код: Выделить всё

hosts         = !10.1.0.0/16 : !127.0.0.1 : !+relay_from_hosts
domains       = !+local_domains:!+relay_from_domains
это к чему? по вашему это отключит проверку на черные списки для определенного пользователя (prohorov)?

Аватара пользователя
Agronom
ст. сержант
Сообщения: 305
Зарегистрирован: 2006-12-11 10:30:13

Re: Отключение проверки на RBL

Непрочитанное сообщение Agronom » 2011-09-26 11:32:41

почему не работает такой порядок аклов?

Код: Выделить всё

accept    condition = ${if match {$local_part}{prohorov}{yes}}

deny      message       = rejected because $sender_host_address is in a black list at $dnslist_domain\n$dnslist_text
                     !hosts = +trusted_hosts_list           
                     dnslists      = zen.spamhaus.org : http.dnsbl.sorbs.net : socks.dnsbl.sorbs.net : smtp.dnsbl.sorbs.net : dul.ru : dul.dnsbl.sorbs.net : dynablock.njabl.org