> The Reply-To: header takes an address-list and is interpreted as such, > and IIRC used in that way by some mail-clients when subscribed to > mailing-lists but wanting personal copies of replies too. So the `rt:` > ACL is going to calculate something which will emit bogus queries to an > external service.
I tested with `exim -be`. If Reply-To contains more than one address then ${address expands into empty string, the ${if def causes the code to not query anything: rt: warn set acl_m_rt = ${sg{${lc:${address:$header_Reply-To:}}}{\\+.*@}{@}} condition = ${if match{$acl_m_rt}{@gmail.com}} set acl_m_rt = ${sg{${local_part:$acl_m_rt}}{\\.}{}}@gmail.com deny condition = ${if def:acl_m_rt} condition = ${lookup{${domain:$acl_m_rt}}nwildlsearch\ {MLDOMAINS}{0}{1}} dnslists = ebl.msbl.org/${sha1:$acl_m_rt} log_message = Reply-To: $header_Reply-To: in EBL: $dnslist_text \ From: $header_From:, envelope-from $sender_address, \ recipients=$recipients, Subject: $header_Subject: message = spam detected # 419 (Nigerian) scams often sent by humans, do not tell them # that the spam was detected with EBL http://msbl.org accept -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/