Sebastian Tennant wrote: > Hi all, > > Try as a might, I can't get any ACLs to work. > > I'm using Exim 4.69 (split configuration) on a Debian box and I've edited: > > /etc/exim4/conf.d/acl/00_exim4_config_header
Debian - especially with split-config, has its own 'ways' and its own mailing list. Link and details are in your on-box docs. Meanwhile, in the MAIN section of the configure file(s), *before* 'begin acl' the general case is that one will 're-map' the very basic default behaviour of the built-in acl's (not much more than a naked 'accept') to your own custom clauses - at least for any that you choose to alter. It won't look exactly like mine, (below) and I can't personally speak for Debian split which I'd have thought has already doine this... but here is at least an example so you have an idea what to look for: ===== # MAIN_6: Map Exim's core acl functions to our revised over-rides # ELSE Exim's built-ins apply if not re-directed here. # acl_smtp_connect = acl_r_connect acl_smtp_helo = acl_r_helo acl_smtp_mail = acl_r_mail acl_smtp_rcpt = acl_r_rcpt acl_smtp_predata = acl_r_predata acl_smtp_data = acl_r_data acl_smtp_auth = acl_r_auth ===== HTH, Bill > > to read: > > begin acl > > acl_smtp_connect: > deny > message = Go away! > hosts = 79.126.200.252 > > but when I do: > > $ exim -bh 79.126.200.252 > > the connection is not refused: > > **** SMTP testing session as if from host 79.126.200.252 > **** but without any ident (RFC 1413) callback. > **** This is not for real! > >>> host in hosts_connection_nolog? no (option unset) > >>> host in host_lookup? yes (matched "*") > >>> looking up host name for 79.126.200.252 > >>> IP address lookup using gethostbyaddr() > >>> IP address lookup failed: h_errno=1 > LOG: no host name found for IP address 79.126.200.252 > >>> host in host_reject_connection? no (option unset) > >>> host in sender_unqualified_hosts? no (option unset) > >>> host in recipient_unqualified_hosts? no (option unset) > >>> host in helo_verify_hosts? no (option unset) > >>> host in helo_try_verify_hosts? no (option unset) > >>> host in helo_accept_junk_hosts? no (option unset) > 220 example.com ESMTP Exim 4.69 Fri, 11 Jun 2010 23:14:04 +0100 > quit > 221 example.com closing connection > > As there's no mention of acl_smtp_connect in the output I've also tried > creating the same stanza for host_reject_connnection, but without success. > > What am I doing wrong? Any help/tips much appreciated. > > Sebastian > > P.S. I'm also not having any luck adding IP addresses to > /etc/exim4/local_host_blacklist - supposedly a pre-configured ACL in > Debian installations... > -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
