dnl dnl проверка рилея отправителя в RFC Ignorant List dnl dnl параметры конструкции RFC Ignorant List: dnl 1. имя зоны dnl 2. действие в случае попадания рилея отправителя в RFC Ignorant List dnl reject - отвергать сообщение dnl deny - синоним reject dnl drop - обрыв соединения dnl defer - возврат временной ошибки dnl warn - выводить в лог файл предупреждение dnl greylist:xx - добавление xx баллов к счетчику опционального greylisting'а dnl greylisting:xx - синоним greylist:xx dnl reject:yy - добавление yy баллов к счетчику опционального reject'а dnl deny:yy - синоним reject:yy dnl delay:zz - задержка на zz секунд перед продолжением обработки сообщения dnl pause:zz - синоним delay:zz dnl действия warn, greylist:xx, reject:yy и delay:zz можно указывать одновременно через пробел dnl 3. действие в случае defer'а от резолвера dnl pass - принять сообщение dnl defer - вернуть клиенту 4xx dnl 4. сообщение отправителю: dnl пустое значение - формируется умолчательное сообщение отправителю dnl текст - данный текст возвращается отправителю как текст сообщения об ошибке dnl dnl RFC_IGNORANT_LIST(`abuse.rfc-ignorant.org', `warn greylist:10 reject:8', `pass', dnl `MX of domain does not have a working abuse address') dnl RFC_IGNORANT_LIST(`postmaster.rfc-ignorant.org', `warn greylist:10 reject:8', `pass', dnl `MX of domain does not have a working postmaster address') dnl RFC_IGNORANT_LIST(`dsn.rfc-ignorant.org', `warn greylist:10 reject:8', `pass', dnl `MX of domain do not accept bounces. This violates RFC 821/2505/2821') dnl RFC_IGNORANT_LIST(`bogusmx.rfc-ignorant.org', `warn greylist:10 reject:8', `pass', dnl `') dnl ifelse(SECTION, `MAIN', `dnl hostlist skip_rfc_ignorant = 127.0.0.1 : CONFDIR/skip_rfc_ignorant : CONFDIR/hosts-relayfrom ') ifelse(SECTION, `ACL_CHECK_RCPT', `dnl ifdef(`_RFC_IL_NO', ` define(`_AV_TMP', `eval(_RFC_IL_NO + 1)') define(`_RFC_IL_NO', _AV_TMP) ',` define(`_RFC_IL_NO', `0') ') define(`_RFC_IL_NAME', `confRFC_LIST'_RFC_IL_NO`_NAME')dnl define(`_RFC_IL_ACT', `confRFC_LIST'_RFC_IL_NO`_ACT')dnl define(`_RFC_IL_DEFER', `confRFC_LIST'_RFC_IL_NO`_DEFER')dnl define(`_RFC_IL_MSG', `confRFC_LIST'_RFC_IL_NO`_MSG')dnl ifelse(_RFC_IL_NAME,`confRFC_LIST'_RFC_IL_NO`_NAME',`',` define(`_RFC_TMP', `NORMALIZE_ACTION(_RFC_IL_ACT)')dnl define(`_RFC_IL_ACT', _RFC_TMP)dnl dnl ifelse(_RFC_IL_MSG, `', `define(`_RFC_IL_MSG', `rejected because $sender_address_domain is in RFC Ignorant List at $dnslist_domain\nSee for details')') dnl ifelse(_RFC_IL_MSG`'X, `'X, `define(`_RFC_IL_MSG', `rejected because $sender_address_domain is in RFC Ignorant List at $dnslist_domain\nSee for details')') ifelse(len(X`'_RFC_IL_MSG), `1', `define(`_RFC_IL_MSG', `rejected because $sender_address_domain is in RFC Ignorant List at $dnslist_domain\nSee for details')') # Проверка домена отправителя в RFC Ignorant List ifelse_strstr(_RFC_IL_ACT, `pause=', `dnl warn hosts = !+skip_rfc_ignorant ! senders = @@wildlsearch;CONFDIR/skip_rfc_ignorant_mail dnslists = ifelse(_RFC_IL_DEFER, `pass', `+exclude_unknown', `+defer_unknown') : _RFC_IL_NAME/$sender_address_domain delay = EXTRACT(`pause', _RFC_IL_ACT)`'s set acl_m15 = ${acl_m15}\t\ delay=EXTRACT(`pause', _RFC_IL_ACT)`'s\t\t\ Sender domain $sender_address_domain listed in $dnslist_domain\n ') dnl ifelse_strstr(_RFC_IL_ACT, `pause=', `') ifelse(_RFC_IL_ACT, `reject', `dnl deny hosts = !+skip_rfc_ignorant ! senders = @@wildlsearch;CONFDIR/skip_rfc_ignorant_mail dnslists = ifelse(_RFC_IL_DEFER, `pass', `+exclude_unknown', `+defer_unknown') : _RFC_IL_NAME/$sender_address_domain message = _RFC_IL_MSG log_message = Sender domain $sender_address_domain listed in $dnslist_domain ', `dnl ifelse(_RFC_IL_ACT, `drop', `dnl drop hosts = !+skip_rfc_ignorant ! senders = @@wildlsearch;CONFDIR/skip_rfc_ignorant_mail dnslists = ifelse(_RFC_IL_DEFER, `pass', `+exclude_unknown', `+defer_unknown') : _RFC_IL_NAME/$sender_address_domain message = _RFC_IL_MSG log_message = Sender domain $sender_address_domain listed in $dnslist_domain ', `dnl ifelse(_RFC_IL_ACT, `defer', `dnl defer hosts = !+skip_rfc_ignorant ! senders = @@wildlsearch;CONFDIR/skip_rfc_ignorant_mail dnslists = ifelse(_RFC_IL_DEFER, `pass', `+exclude_unknown', `+defer_unknown') : _RFC_IL_NAME/$sender_address_domain message = _RFC_IL_MSG log_message = Sender domain $sender_address_domain listed in $dnslist_domain ', `dnl warn hosts = !+skip_rfc_ignorant ! senders = @@wildlsearch;CONFDIR/skip_rfc_ignorant_mail dnslists = ifelse(_RFC_IL_DEFER, `pass', `+exclude_unknown', `+defer_unknown') : _RFC_IL_NAME/$sender_address_domain add_header = X-Warn-RFC-Ignorant: $sender_address_domain is in a black list at $dnslist_domain ifelse_strstr(_RFC_IL_ACT, `warn', `dnl log_message = Sender domain $sender_address_domain listed in $dnslist_domain\ ifelse_strstr(_RFC_IL_ACT, `pause=', `; message delayed for EXTRACT(`pause', _RFC_IL_ACT)`'s') ') dnl ifelse_strstr(_RFC_IL_ACT, `warn', `') ifelse_strstr(_RFC_IL_ACT, `greylist=', `dnl set acl_m_optional_greylist = \ scores=${eval:${extract{scores}{$acl_m_optional_greylist}}+EXTRACT(`greylist', _RFC_IL_ACT)} \ log_message="${extract{log_message}{$acl_m_optional_greylist}} greylisted due to $sender_address_domain is in RFC Ignorant List at $dnslist_domain;" set acl_m15 = ${acl_m15}\t\ greylist scores=EXTRACT(`greylist', _RFC_IL_ACT)\t\ $sender_address_domain is in RFC Ignorant List at $dnslist_domain\n ') dnl ifelse_strstr(_RFC_IL_ACT, `greylist=', `') ifelse_strstr(_RFC_IL_ACT, `reject=', `dnl set acl_m_optional_reject = \ scores=${eval:${extract{scores}{$acl_m_optional_reject}}+EXTRACT(`reject', _RFC_IL_ACT)} \ log_message="${extract{log_message}{$acl_m_optional_reject}} rejected due to $sender_address_domain is in RFC Ignorant List at $dnslist_domain;" set acl_m15 = ${acl_m15}\t\ reject scores=EXTRACT(`reject', _RFC_IL_ACT)\t\t\ $sender_address_domain is in RFC Ignorant List at $dnslist_domain\n ') dnl ifelse_strstr(_RFC_IL_ACT, `reject=', `') ') dnl ifelse(_RFC_IL_ACT, `defer', `') ') dnl ifelse(_RFC_IL_ACT, `drop', `') ') dnl ifelse(_RFC_IL_ACT, `reject', `') FEATURE(`rfc_ignorant_list') ') dnl ifelse(_RFC_IL_NAME,`confRFC_LIST'_RFC_IL_NO`_NAME',`',`') ') dnl ifelse(SECTION, `ACL_CHECK_RCPT', `')