Hi we're are using exim as mta for our internal company mailserver. In last times we recieve many worm-mails from one special adress in a dial-in-pool. As usual in standart exim config, we we're till now only checking recipient via acl and some additional blacklists. But now i have to write an acl on smtp_connect or smtp_helo. for now i've tried with:
[...] acl_smtp_helo = acl_check_helo [...] acl_check_helo: accept hosts = * deny hosts = *.some.pppool.tld [eof] unfortunately this doesn't work, as i expected, because messages are still coming in from this host (someuser.some.pppool.tld). For now i am trying same with "acl_smtp_connect" instead of "acl_smtp_helo" maybe this can work. the goal is to not even make connections to this infected dial-in user. can you give me a hint ? -- Jan Kapellen System Administrator XQueue GmbH Christian-Pleß-Str. 11-13 63069 Offenbach fon: +49 69 83 00 89 80 fax: +49 69 83 00 89 89 -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
