On 29/06/17 21:59, Lena--- via Exim-users wrote:
The Reply-To: header takes an address-list and is interpreted as such,
and IIRC used in that way by some mail-clients when subscribed to
mailing-lists but wanting personal copies of replies too. So the `rt:`
ACL is going to calculate something which will emit bogus queries to an
external service.
I tested with `exim -be`. If Reply-To contains more than one address
then ${address expands into empty string, the ${if def
causes the code to not query anything:
rt:
warn set acl_m_rt = ${sg{${lc:${address:$header_Reply-To:}}}{\\+.*@}{@}}
condition = ${if match{$acl_m_rt}{@gmail.com}}
set acl_m_rt = ${sg{${local_part:$acl_m_rt}}{\\.}{}}@gmail.com
deny condition = ${if def:acl_m_rt}
condition = ${lookup{${domain:$acl_m_rt}}nwildlsearch\
{MLDOMAINS}{0}{1}}
dnslists = ebl.msbl.org/${sha1:$acl_m_rt}
log_message = Reply-To: $header_Reply-To: in EBL: $dnslist_text \
From: $header_From:, envelope-from $sender_address, \
recipients=$recipients, Subject: $header_Subject:
message = spam detected
# 419 (Nigerian) scams often sent by humans, do not tell them
# that the spam was detected with EBL http://msbl.org
accept
Wouldn't you want to check all the addresses, do something like
${map{${addresses:$h_reply-to:}}...?
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/