github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-19 13:01:52 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

exim4 HELO authenticated patch

Browse source
This commit is contained in:
myvesta 2023-04-12 19:58:32 +02:00 committed by GitHub
commit 77467eeebd
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 44 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

10
install/debian/10/exim/exim4.conf.template
View file

@ -91,16 +91,18 @@ acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}} deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop !authenticated = *
message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
drop condition = ${if isip{$sender_helo_name}} drop !authenticated = *
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop !authenticated = *
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept

10
install/debian/11/exim/exim4.conf.template
View file

@ -91,16 +91,18 @@ acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}} deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop !authenticated = *
message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
drop condition = ${if isip{$sender_helo_name}} drop !authenticated = *
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop !authenticated = *
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept

10
install/debian/11/exim/exim4.conf.template-RC
View file

@ -108,16 +108,18 @@ acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}} deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop !authenticated = *
message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
drop condition = ${if isip{$sender_helo_name}} drop !authenticated = *
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop !authenticated = *
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept

10
install/debian/8/exim/exim4.conf.template
View file

@ -87,16 +87,18 @@ acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}} deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop !authenticated = *
message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
drop condition = ${if isip{$sender_helo_name}} drop !authenticated = *
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop !authenticated = *
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept

10
install/debian/9/exim/exim4.conf.template
View file

@ -87,16 +87,18 @@ acl_check_mail:
deny condition = ${if eq{$sender_helo_name}{}} deny condition = ${if eq{$sender_helo_name}{}}
message = HELO required before MAIL message = HELO required before MAIL
drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid drop !authenticated = *
message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}} condition = ${if match{$sender_helo_name}{\N((\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3})|([0-9a-f]{8})|([0-9A-F]{8}))\N}{yes}{no}}
condition = ${if match{${lc:$sender_host_name}}{.telenor.rs}{false}{true}}
condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}} condition = ${if match {${lookup dnsdb{>: defer_never,ptr=$sender_host_address}}\}{$sender_helo_name}{no}{yes}}
delay = 45s delay = 45s
drop condition = ${if isip{$sender_helo_name}} drop !authenticated = *
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3) message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop condition = ${if eq{[$interface_address]}{$sender_helo_name}} drop !authenticated = *
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = $interface_address is _my_ address message = $interface_address is _my_ address
accept accept

14
src/deb/for-download/tools/patches/exim_helo_authenticated.patch Normal file
View file

@ -0,0 +1,14 @@
--- /etc/exim4/exim4.conf.template.orig 2023-04-12 19:05:20.745847763 +0200
+++ /etc/exim4/exim4.conf.template 2023-04-12 19:34:29.000000000 +0200
@@ -94 +94,2 @@
- drop message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
+ drop !authenticated = *
+ message = Helo name contains a ip address (HELO was $sender_helo_name) and not is valid
@@ -100 +101,2 @@
- drop condition = ${if isip{$sender_helo_name}}
+ drop !authenticated = *
+ condition = ${if isip{$sender_helo_name}}
@@ -103 +105,2 @@
- drop condition = ${if eq{[$interface_address]}{$sender_helo_name}}
+ drop !authenticated = *
+ condition = ${if eq{[$interface_address]}{$sender_helo_name}}