Spur: » WinCVS mit SSH » Migration von Cyrus 2.0.16 auf 2.2.X » Linux Device-Mapper Konfiguration (mit Multipathing) » DokuWiki » DokuWiki Installation Schritt-für-Schritt » Publishing with OOo Writer and DokuWiki » drupal CMS » drupal Installation » Exim » Exim ACL Examples
Inhaltsverzeichnis

Exim ACL Examples

Siehe auch: http://www.maretmanu.org/homepage/inform/exim-spam.html

recursive acl

Auswertung der Variable acl_m7 (Get all MX)

acl_get_last_mx:
  warn set acl_m8 = ${sg{$acl_m7}{\N^(\d+) ([^\|]+).*\N} \
                                 {pri=\$1\nhosts=\$2}}

acl_main:
  warn set acl_m7       = ${lookup dnsdb{mx=$domain}{$value}{}}
        acl             = acl_get_last_mx

freeze e-Mails on Sender (From)

Alle Nachrichten von John Doe einfrieren

acl_check_content:
  warn log_message = ## is user $h_From freeze
        condition = ${if match{${lc:$h_From:}}{john.doe@example.com}{true}{false}}
        control = freeze

Alle Mails von bestimmten Empfängern anders routen

router ist internes System: 192.168.1.250

# transport
remote_smtp_intern:
  driver = smtp
  port = 25
  # allow_localhost

# router
smtp_to_intern:
  driver=manualroute
  condition = ${lookup {$local_part@$domain} lsearch{/etc/exim/internal_users} \
                  {yes} {no} }
  route_list= * 192.168.1.250
  domains = tnt.de
  transport = remote_smtp_intern
  no_more

internal_users

john.doe@example.com

Akzeptiere von einem bestimmten Absender einen bestimmten MIME-Typ

Absender heißt video@versand.de

acl_sender_check:
        accept
        condition = ${if and { \
                                        {match{${lc:$h_From:}}{video@versand.de}} \
                                    } {true}{false} }

        # freeze due to security reasons (or testing)
        control = freeze

acl_check_content:
        accept authenticated  = *

        warn
        logwrite = ## acl_check_content $h_To from F=$h_From

        # First unpack MIME containers and reject serious errors.
        deny
        message = This message contains a MIME error ($demime_reason) ($found_extension)
        demime = *
        condition = ${if >{$demime_errorlevel}{2}{1}{0}}

        # Now accept a specific mime type from a specific sender
        # Note: We need 2 ACLs (for AND)
        accept
        log_message = ## acl_check_content demime avi attachment ($found_extension)
        acl         = acl_sender_check
        demime      = avi

        deny
        message = This message contains an unwanted file extension ($found_extension)
        demime = bat:cmd:com:dll:eml:ocx:pif:scr:vbs:wsh:lnk:abs:aif:aiff:asf:asp:\
                asx:au:avi:flac:flc:fli:mng:mov:mp2:mp3:mpa:mpe:mpeg:mpega:mpg:ogg:\
                qt:qtl:ra:ram:rm:rpm:snd:wav:wma:wmv:wva:wvx:\
                gsm:reg:url:hlp:chm:sct:vb:vbe:wsc:wsf

Akzeptiere Mails an einen bestimmten Empfänger

exim.conf

acl_whitelist:
        accept
        condition = ${if \
           match{${lc:$h_To:}} \
                {${lookup {${lc:$h_To:}} lsearch{/etc/exim/whitelistusers}{${lc:$h_To:}}{nomatch}}} \
        }

Suche nach header-To in der Datei whitelistusers und gib den header_To aus, wenn er in der Datei whitelistusers vorhanden ist, andernfalls gib ein nomatch zurück.

acl - Aufruf eines externen Skripts

FIXME

/usr/local/bin/check_sender_host_address.sh

#!/bin/sh
PATH=/bin:/usr/bin
SENDERS=/etc/exim4/senders.txt
if [ "$#" == "0" ]; then
  echo "usage: $0 <sender_host_address>"
  exit 1
fi
grep $1 ${SENDERS}
exit 0

acl

  warn
        message = checking $sender_host_address
        condition = ${if eq{$sender_host_address} \
                   {${run{/usr/local/bin/check_sender_host_address.sh $sender_host_address} \
                     {$value}{no}}} \
                   {yes}{no}}
 
wissen/gpl/exim/exim-acl-examples.txt · Zuletzt geändert: 05.09.2010 20:31
 
Recent changes RSS feed Donate Valid XHTML 1.0 Valid CSS Recent cached RSS feed cacert-signed web site: inhalt.serviert.de