]> git.openstreetmap.org Git - chef.git/commitdiff
Allow domain level blocks on email senders
authorTom Hughes <tom@compton.nu>
Wed, 1 Nov 2023 09:02:35 +0000 (09:02 +0000)
committerTom Hughes <tom@compton.nu>
Wed, 1 Nov 2023 17:00:35 +0000 (17:00 +0000)
cookbooks/exim/recipes/default.rb
cookbooks/exim/templates/default/exim4.conf.erb

index 71309e6090e12c44c744665da2b1ec0d1c0b45d6..ced5a91965c8721b00e281c4d8efb5b5f1322081 100644 (file)
@@ -126,6 +126,12 @@ file "/etc/exim4/blocked-senders" do
   mode "644"
 end
 
   mode "644"
 end
 
+file "/etc/exim4/blocked-sender-domains" do
+  owner "root"
+  group "Debian-exim"
+  mode "644"
+end
+
 if node[:exim][:dkim_selectors]
   keys = data_bag_item("exim", "dkim")
 
 if node[:exim][:dkim_selectors]
   keys = data_bag_item("exim", "dkim")
 
index 0830aa141f1d5a18a7c971fd4f9973caf731a3ef..6babb839a208c80fe1975e23c9f737ecae420f15 100644 (file)
@@ -446,6 +446,10 @@ acl_check_rcpt:
           message       = Rejected because $sender_address is blacklisted\nQueries to postmaster@$qualify_domain
           !hosts        = +relay_from_hosts
 
           message       = Rejected because $sender_address is blacklisted\nQueries to postmaster@$qualify_domain
           !hosts        = +relay_from_hosts
 
+  deny    sender_domains= partial-lsearch;/etc/exim4/blocked-sender-domains
+          message       = Rejected because $sender_address is blacklisted\nQueries to postmaster@$qualify_domain
+          !hosts        = +relay_from_hosts
+
   # Accept mail to postmaster in any local domain, regardless of the source,
   # and without verifying the sender.
 
   # Accept mail to postmaster in any local domain, regardless of the source,
   # and without verifying the sender.