dnl dnl Проверка адреса получателя в black list'ах dnl dnl NO - не проводить проверку dnl REJECT - возврата клиенту кода 5xx dnl REJECT_ALL - отказ в приеме письма для всех получателей dnl QUARANTINE - принять письмо с сохранением в карантин без доставки получателям dnl QUARANTINE_OTHER - при отказе в приеме письма текущему получателю и наличии других получателей dnl письмо доставляется в карантин без доставки этим остальным получателям dnl DEFER - возврата клиенту кода 451 dnl FAKEREJECT - возврата клиенту кода 5xx с одновременной доставкой сообщения dnl WARN - вывод в лог файл предупреждения dnl GREYLIST:XX - добавить XX баллов к счетчику опционального грейлистинга dnl REJECT:XX - добавить XX баллов к счетчику опционального reject'а dnl DELAY:XX - задержка XX секунд перед ответом на RCPT TO dnl define(`confCHECK_ACCESS_RCPT', `NO')dnl dnl dnl черный список получателей находится в файле CONFDIR/access-rcpt в виде: dnl sender_address : действие : сообщение dnl dnl в качестве "действия" могут выступать: dnl ok - принимать сообщения с данным rcpt to dnl deny - отвергать сообщения с данным rcpt to dnl reject - синоним deny dnl reject_all - отказ в приеме письма для всех получателей dnl quarantine - принять письмо с сохранением в карантин без доставки получателям dnl quarantine_other - при отказе в приеме письма текущему получателю при наличии других получателей dnl письмо доставляется в карантин без доставки этим другим получателям dnl defer - возврат клиенту временной ошибки 4xx dnl drop - отказ в приеме сообщения с обрывом соединения dnl discard - прием письма без доставки получателю dnl fakereject - возврата клиенту кода 5xx с одновременной доставкой сообщения dnl warn - добавлять в заголовки сообщения поле X-Warn-Recipient dnl текст сообщения об ошибке может быть указан через двоеточие dnl greylist=xx - добавление xx баллов к счетчику опционального greylisting'а dnl greylisting=xx - синоним greylist=xx dnl reject=yy - добавление yy баллов к счетчику опционального reject'а dnl deny=yy - синоним reject=yy dnl delay=zz - задержка на zz секунд перед продолжением обработки сообщения dnl pause=zz - синоним delay=zz dnl submit_mysql - занесение записи о хосте в базу MySQL dnl submit_sqlite - занесение записи о хосте в базу SQLite dnl submit_rbl - занесение записи о хосте в DNSBL dnl dnl если в файле CONFDIR/access-rcpt будет отсутствовать поле "действие", dnl то будует выполнено действие по умолчанию из переменно confCHECK_ACCESS_RCPT dnl поле "сообщение" может отсутствовать dnl dnl пример: dnl lesya@tcu.kiev.ua : deny : Access denied dnl *@domain.ua : warn greylist=10 dnl ifelse(confCHECK_ACCESS_RCPT, `YES', `define(`confCHECK_ACCESS_RCPT', `REJECT')') # Проверка адреса получателя в blacklist-ах warn set acl_m1 = set acl_m0 = ${lookup{$local_part@$domain}wildlsearch{CONFDIR/access-rcpt}\ {${if eq{$value}{}{confCHECK_ACCESS_RCPT}{${if match{$value}{\N.+(lookup |[\{\}])\N}{${expand:$value}}{$value}}}}}{}\ } condition = ${if eq{$acl_m0}{}{no}{yes}} acl = acl_normalize_action "${extract{1}{:}{$acl_m0}}" set acl_m1 = ${sg{$acl_m_normalize_action_result }{\N\b([^=\s\d]+)(\s)\N}{\$1=00\$2}} # message = $acl_m2 # log_message = $acl_m0 set acl_m2 = ${expand:${sg{${extract{2}{:}{$acl_m0}}}{\N^\s+\N}{}}} set acl_m0 = ${expand:${sg{${extract{3}{:}{$acl_m0}}}{\N^\s+\N}{}}} set acl_m_check_rcpt_msg = ${if eq{$acl_m0}{}{}{: $acl_m0}} set acl_m0 = ${if eq{$acl_m0}{}{recipient address blacklisted${if eq{$acl_m2}{}{}{: $acl_m2}}}{$acl_m0}} set acl_m2 = ${if eq{$acl_m2}{}{Access denied}{$acl_m2}} ifdef(`confENTERPRISE_USER', `dnl warn set acl_m10 = ${lookup{$sender_host_address}iplsearch{CONFDIR/access-rcpt}{${lc:$value}}{}} warn condition = ${if or{\ {eq{${extract{submitted}{$acl_m9}}}{1}}\ {eq{${extract{relay_from_hosts}{$acl_m9}}}{1}}\ {eq{${extract{authenticated}{$acl_m9}}}{1}}\ {eq{${extract{abuse_or_postmaster}{$acl_m9}}}{1}}\ {eq{${extract{white_list_relays}{$acl_m9}}}{1}}\ {eq{${extract{white_list_senders}{$acl_m9}}}{1}}\ {eq{${extract{white_list_compat}{$acl_m9}}}{1}}\ }{yes}{no}} set acl_m10 = skip_submit warn senders = : set acl_m10 = skip_submit warn condition = ${if eq{$sender_address_local_part}{postmaster}{yes}{no}} set acl_m10 = skip_submit warn condition = ${if match{$acl_m1}{submit_mysql}{yes}{no}} condition = ${if eq{$acl_m10}{skip_submit}{no}{yes}} ENTERPRISE(`mysql', `submit', `rcpt', `blacklisted', `$local_part@$domain', `0') warn condition = ${if match{$acl_m1}{submit_sqlite}{yes}{no}} condition = ${if eq{$acl_m10}{skip_submit}{no}{yes}} ENTERPRISE(`sqlite', `submit', `rcpt', `blacklisted', `$local_part@$domain', `0') warn condition = ${if match{$acl_m1}{submit_rbl}{yes}{no}} condition = ${if eq{$acl_m10}{skip_submit}{no}{yes}} dnl ENTERPRISE(`rbl', `update', `mx.org.ua', `rcpt.rbl.mx.org.ua', `blacklisted', `$local_part@$domain') ENTERPRISE(`rbl', `submit', `rcpt', `blacklisted', `$local_part@$domain') ') dnl # warn warn condition = ${if match{$acl_m1}{warn}{yes}{no}} add_header = X-Warn-Recipient: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg} log_message = $acl_m0${if eq{${extract{pause}{$acl_m1}}}{}{}{: message delayed for ${extract{pause}{$acl_m1}}s}} # pause warn condition = ${if eq{${extract{pause}{$acl_m1}}}{}{no}{yes}} delay = ${extract{pause}{$acl_m1}}s set acl_m_spam_action = ${acl_m_spam_action}\t\ delay=${extract{pause}{$acl_m1}}s\t\t\ $acl_m0\n # quarantine_other warn condition = ${if eq{${extract{quarantine_other}{$acl_m1}}}{00}{yes}{no}} add_header = X-Quarantine-Recipient: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg} log_message = message will be quarantined for all other recipients: recipient address $local_part@$domain blacklisted set acl_m_add_x_orig_rcpt = yes set acl_m_quarantined = $acl_m_quarantined envelope ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `', `dnl set acl_m9 = spam_hater=1 $acl_m9 set acl_m_wl_flag_msg = spam_hater=1 $acl_m_wl_flag_msg ')') dnl ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `')') # reject all warn condition = ${if eq{${extract{reject_all}{$acl_m1}}}{00}{yes}{no}} set acl_m16 = $local_part@$domain blacklisted; message rejected for all the recipients: $acl_m0\ |message rejected for all the recipients: $acl_m2 log_message = message will be rejected for all other recipients # quarantine and !reject # accept \ warn \ condition = ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}} condition = ${if or{\ {eq{${extract{reject}{$acl_m1}}}{00}}\ {eq{${extract{reject_all}{$acl_m1}}}{00}}\ }{no}{yes}} add_header = X-Quarantine-Recipient: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg} log_message = message will be quarantined: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg} # set acl_m_skip_verify_recipient = yes set acl_m_add_x_orig_rcpt = yes # set acl_m_quarantined = $acl_m_quarantined envelope set acl_m_quarantined_per_rcpt = ${if eq{$acl_m_quarantined_per_rcpt}{}{}{$acl_m_quarantined_per_rcpt, }}$local_part@$domain set acl_m_check_rcpt_and_accept = yes ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `', `dnl set acl_m9 = spam_hater=1 $acl_m9 set acl_m_wl_flag_msg = spam_hater=1 $acl_m_wl_flag_msg ')') dnl ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `')') # quarantine and reject # accept \ warn \ condition = ${if eq{${extract{quarantine}{$acl_m1}}}{00}{yes}{no}} condition = ${if or{\ {eq{${extract{reject}{$acl_m1}}}{00}}\ {eq{${extract{reject_all}{$acl_m1}}}{00}}\ }{yes}{no}} log_message = message will be quarantined and rejected: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg} # set acl_m_fakereject_per_rcpt = \ # message will be quarantined and rejected: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg}\ # |X-Quarantine-Recipient: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg}\ # |$acl_m2 acl = acl_update_fakereject_per_rcpt \ "message will be quarantined and rejected: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg}" \ "X-Quarantine-Recipient: recipient address $local_part@$domain blacklisted${acl_m_check_rcpt_msg}" \ "$acl_m2" # set acl_m_skip_verify_recipient = yes set acl_m_add_x_orig_rcpt = yes # set acl_m_quarantined = $acl_m_quarantined envelope set acl_m_quarantined_per_rcpt = ${if eq{$acl_m_quarantined_per_rcpt}{}{}{$acl_m_quarantined_per_rcpt, }}$local_part@$domain set acl_m_check_rcpt_and_accept = yes ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `', `dnl set acl_m9 = spam_hater=1 $acl_m9 set acl_m_wl_flag_msg = spam_hater=1 $acl_m_wl_flag_msg ')') dnl ifdef(`confRECIPIENTS_SPAM_HATERS', `ifelse(confRECIPIENTS_SPAM_HATERS, `NO', `')') # !quarantine and reject deny condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if or{\ {eq{${extract{reject}{$acl_m1}}}{00}}\ {eq{${extract{reject_all}{$acl_m1}}}{00}}\ }{yes}{no}} condition = ${if eq{${extract{quarantine}{$acl_m1}}}{00}{no}{yes}} log_message = $acl_m0 message = $acl_m2 defer condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if match{$acl_m1}{defer}{yes}{no}} log_message = $acl_m0 message = $acl_m2 drop condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if match{$acl_m1}{drop}{yes}{no}} log_message = $acl_m0 message = $acl_m2 discard condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if match{$acl_m1}{discard}{yes}{no}} log_message = $acl_m0 warn condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if eq{${extract{fakereject}{$acl_m1}}}{00}{yes}{no}} log_message = message will be fakerejected: recipient address $local_part@$domain blacklisted # set acl_m_fakereject_per_rcpt = \ # message will be fakerejected: $acl_m0\ # |X-Fakerejected: $acl_m0\ # |$acl_m2 acl = acl_update_fakereject_per_rcpt \ "message will be fakerejected: $acl_m0" \ "X-Fakerejected: $acl_m0" \ "$acl_m2" set acl_m_add_x_orig_rcpt = yes ifelse(confGREYLIST, `OPTIONAL', `dnl warn condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if eq{${extract{greylist}{$acl_m1}}}{}{no}{yes}} set acl_m_optional_greylist = \ scores=${eval:${extract{scores}{$acl_m_optional_greylist}}+${extract{greylist}{$acl_m1}}} \ log_message="${extract{log_message}{$acl_m_optional_greylist}} $acl_m0;" set acl_m_spam_action = ${acl_m_spam_action}\t\ greylist scores=${extract{greylist}{$acl_m1}}\t\ $acl_m0\n ') dnl ifelse(confGREYLIST, `OPTIONAL', `') ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `dnl', `dnl warn condition = ${if eq{$acl_m_check_rcpt_and_accept}{yes}{no}{yes}} condition = ${if eq{${extract{reject}{$acl_m1}}}{}{no}{yes}} condition = ${if eq{${extract{reject}{$acl_m1}}}{00}{no}{yes}} set acl_m_optional_reject = \ scores=${eval:${extract{scores}{$acl_m_optional_reject}}+${extract{reject}{$acl_m1}}} \ log_message="${extract{log_message}{$acl_m_optional_reject}} $acl_m0;" set acl_m_spam_action = ${acl_m_spam_action}\t\ reject scores=${extract{reject}{$acl_m1}}\t\t\ $acl_m0\n ')') dnl ifdef(`confOPTIONAL_REJECT', `ifelse(confOPTIONAL_REJECT, `NO', `', `')')