# closure, but I\'m fairly sure it\'s now worth it, since the backport of
# policyd-weight is trivial.
warn !hosts = +debianhosts
- set acl_m9 = ${readsocket{inet:127.0.0.1:12525}\
+ set acl_m_pw = ${readsocket{inet:127.0.0.1:12525}\
{request=smtpd_access_policy\n\
protocol_state=RCPT\n\
protocol_name=${uc:$received_protocol}\n\
# Defer on socket error
defer !hosts = +debianhosts
- condition = ${if eq{$acl_m9}{socket failure}{yes}{no}}
+ condition = ${if eq{$acl_m_pw}{socket failure}{yes}{no}}
message = Cannot connect to policyd-weight. Please try again later.
- # Set proposed action to $acl_m8 and message to $acl_m7
+ # Set proposed action to $acl_m_act and message to $acl_m_mes
warn !hosts = +debianhosts
- set acl_m8 = ${extract{action}{$acl_m9}}
- set acl_m7 = ${sg{$acl_m9}{\Naction=[^ ]+ (.*)\n\n\N}{\$1}}
+ set acl_m_mes = ${extract{action}{$acl_m_pw}}
+ set acl_m_act = ${sg{$acl_m_pw}{\Naction=[^ ]+ (.*)\n\n\N}{\$1}}
# Add X-policyd-weight header line to message
warn !hosts = +debianhosts
- message = $acl_m7
- condition = ${if eq{$acl_m8}{PREPEND}{yes}{no}}
+ message = $acl_m_mes
+ condition = ${if eq{$acl_m_act}{PREPEND}{yes}{no}}
# Write log message, if policyd-weight can\'t run checks
warn !hosts = +debianhosts
- log_message = policyd-weight message: $acl_m7
- condition = ${if eq{$acl_m8}{DUNNO}{yes}{no}}
+ log_message = policyd-weight message: $acl_m_mes
+ condition = ${if eq{$acl_m_act}{DUNNO}{yes}{no}}
# Deny mails which policyd-weight thinks are spam
deny !hosts = +debianhosts
- message = policyd-weight said: $acl_m7
- condition = ${if eq{$acl_m8}{550}{yes}{no}}
+ message = policyd-weight said: $acl_m_mes
+ condition = ${if eq{$acl_m_act}{550}{yes}{no}}
# Defer messages when policyd-weight suggests so.
defer !hosts = +debianhosts
- message = policyd-weight said: $acl_m7
- condition = ${if eq{$acl_m8}{450}{yes}{no}}
+ message = policyd-weight said: $acl_m_mes
+ condition = ${if eq{$acl_m_act}{450}{yes}{no}}
'
end
out
elsif has_variable?("postgrey") && postgrey == "true"
out = '
# next three are greylisting, inspired by http://www.bebt.de/blog/debian/archives/2006/07/30/T06_12_27/index.html
- # this adds acl_m4 if there isn\'t one (so unique per message)
+ # this adds acl_m_grey if there isn\'t one (so unique per message)
warn
!senders = :
!hosts = : +debianhosts : WHITELIST
- condition = ${if def:acl_m4 {no}{yes}}
- set acl_m4 = $pid.$tod_epoch.$sender_host_port
+ condition = ${if def:acl_m_grey {no}{yes}}
+ set acl_m_grey = $pid.$tod_epoch.$sender_host_port
# and defers the message if postgrey thinks it should be defered ...
defer
!authenticated = *
domains = +handled_domains : +rcpthosts
local_parts = GREYLIST_LOCAL_PARTS
- set acl_m3 = request=smtpd_access_policy\n\
+ set acl_m_pgr = request=smtpd_access_policy\n\
protocol_state=RCPT\n\
protocol_name=${uc:$received_protocol}\n\
- instance=${acl_m4}\n\
+ instance=${acl_m_grey}\n\
helo_name=${sender_helo_name}\n\
client_address=${substr_-3:${mask:$sender_host_address/24}}\n\
client_name=${sender_host_name}\n\
sender=${sender_address}\n\
recipient=$local_part@$domain\n\n
- set acl_m3 = ${sg{\
- ${readsocket{/var/run/postgrey/socket}{$acl_m3}\
+ set acl_m_pgr = ${sg{\
+ ${readsocket{/var/run/postgrey/socket}{$acl_m_pgr}\
{5s}{}{action=DUNNO}}\
}{action=}{}}
- message = ${sg{$acl_m3}{^\\\\w+\\\\s*}{}}
+ message = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
log_message = greylisted.
- condition = ${if eq{${uc:${substr{0}{5}{$acl_m3}}}}{DEFER}}
+ condition = ${if eq{${uc:${substr{0}{5}{$acl_m_pgr}}}}{DEFER}}
# ... or adds a header with information about how long the delay was
warn
!authenticated = *
domains = +handled_domains : +rcpthosts
local_parts = GREYLIST_LOCAL_PARTS
- condition = ${if eq{${uc:${substr_0_7:$acl_m3}}}{PREPEND}}
- message = ${sg{$acl_m3}{^\\\\w+\\\\s*}{}}
+ condition = ${if eq{${uc:${substr_0_7:$acl_m_pgr}}}{PREPEND}}
+ message = ${sg{$acl_m_pgr}{^\\\\w+\\\\s*}{}}
'
end
out
acl_check_mime:
deny condition = ${if <{$message_size}{256000}}
- set acl_m5 = ${perl{surblspamcheck}}
- condition = ${if eq{$acl_m5}{false}{no}{yes}}
- log_message = $acl_m5
- message = $acl_m5
+ set acl_m_srb = ${perl{surblspamcheck}}
+ condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = $acl_m_srb
+ message = $acl_m_srb
accept
'
if nodeinfo.has_key?('heavy_exim') and not nodeinfo['heavy_exim'].empty?
out='
deny condition = ${if <{$message_size}{256000}}
- set acl_m5 = ${perl{surblspamcheck}}
- condition = ${if eq{$acl_m5}{false}{no}{yes}}
- log_message = $acl_m5
+ set acl_m_srb = ${perl{surblspamcheck}}
+ condition = ${if eq{$acl_m_srb}{false}{no}{yes}}
+ log_message = $acl_m_srb
+ message = $acl_m_srb
'
end
out
projects / dsa-puppet.git / commitdiff