主页 / user-101969

Sam Morris's questions

Martin Hope
Sam Morris
Asked: 2020-03-03 01:56:03 +0800 CST
  • 0

最近的 Exim 升级将此添加到默认acl_smtp_dataACL:

.ifndef NO_CHECK_DATA_VERIFY_HEADER_SYNTAX
deny
  !acl = acl_local_deny_exceptions
  !verify = header_syntax
  message = header syntax
  log_message = header syntax ($acl_verify_message)
.endif

这会导致某些消息被拒绝。例如,垃圾邮件中的以下标头:

2020-03-02 09:22:48 1j8hHk-0000gS-3Y H=(static-181-143-69-27.une.net.co) [181.143.69.27] F=<[email protected]> rejected after DATA: header syntax (unqualified address not permitted: failing address in "From:" header is: =?utf-8?B?IkRhbmlrYSIgPERhbmlrYUB1bmUubmV0LmNvPg==?=): unqualified address not permitted: failing address in "From:" header is: =?utf-8?B?IkRhbmlrYSIgPERhbmlrYUB1bmUubmV0LmNvPg==?=

解码有问题的标头,我们得到:

00000000  22 58 69 6d 65 6e 61 22  20 3c 58 69 6d 65 6e 61  |"Ximena" <Ximena|
00000010  40 76 69 6c 2e 63 6f 6d  2e 75 61 3e              |@vil.com.ua>|
0000001c

From在我看来,这对于标题来说是一个非常好的价值。

我是否冒着使用 拒绝合法邮件的风险verify = header_syntax,或者上面的标题是否无效并且可以安全拒绝?

email spam access-control-list exim
Martin Hope
Sam Morris
Asked: 2013-07-31 10:57:31 +0800 CST
  • 4

我想让 Exim 在处理 RCPT ACL 期间通过调用 LMTP 服务器来执行收件人验证。

我有以下路由器:

virtual_account:
    domains = +virtual_domains
    driver = accept
    transport = dovecot

和运输:

dovecot:
    driver = lmtp
    socket = /var/run/dovecot/lmtp

当 ACL 处理到达以下语句时:

warn
    domains = +virtual_domains
    verify = recipient/callout

未尝试标注:

$ exim -d -bhc 1.2.3.4
...
RCPT TO: [email protected]
>>> using ACL "acl_check_rcpt"
...
processing "warn"
check domains = +virtual_domains
cached yes match for +virtual_domains
cached lookup data = example.com
example.com in "+virtual_domains"? yes (matched "+virtual_domains" - cached)
check verify = recipient/callout
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Verifying [email protected]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Considering [email protected]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
routing [email protected]
...
--------> virtual_account router <--------
local_part=test domain=example.com
checking domains
cached yes match for +virtual_domains
cached lookup data = example.com
example.com in "+virtual_domains"? yes (matched "+virtual_domains" - cached)
R: virtual_account for [email protected]
calling virtual_account router
virtual_account router called for [email protected]
  domain = example.com
queued for dovecot transport: local_part = test
domain = example.com
  errors_to=NULL
  domain_data=example.com localpart_data=NULL
routed by virtual_account router
  envelope to: [email protected]
  transport: dovecot
Cannot do callout: neither router nor transport provided a host list
----------- end verify ------------
warn: condition test succeeded in ACL "acl_check_rcpt"

我猜lmtp运输无法进行标注,但我会很感激第二个意见。

smtp
Martin Hope
Sam Morris
Asked: 2009-07-02 09:58:05 +0800 CST
  • 5

我什至不确定我问的对不对。每当有人提到更改 root 密码时,他们都会提到更改/etc/passwd,或者只是使用passwd命令,但我从未听说过必须在 authorized_keys 文件中更改它。我在哪里可以找到它,我怎样才能安全地删除一个条目或将其更改为 root 而不会造成破坏?谢谢!

linux ssh root