Re: [Exim] Rewriting and open relay

Top Page
Delete this message
Reply to this message
Author: Peter Radcliffe
Date:  
To: exim-users
Subject: Re: [Exim] Rewriting and open relay
Vladimir Litovka <gw-exim@???> probably said:
> Why? Exim receives mail for 'some.domain!user@???' and
> thinks it is local. This is right, but rewrite rule changes destination
> address to user@??? and so Exim must do further processing
> depending on this _new_ address. I think, that rewriting must be very
> first action, _before_ any processing of message, even before security
> checks, because rewriting able to change addresses in any way.


Maintain a database of some.domains that are valid for the bang path
style rewrites and use this as a lookup in the rewrite.
If you get a "fail" in the lookup the rewrite fails and it'll be
an unknown local part.

^([^!]+)!(.*)@relay2\.kiev\.sovam\.com \
$2@${lookup{$1}dbm{/some/where/file}{$1}fail} Tbcrt

You can also limit (if you're doing uucp and the bangbaths are only
valid when injected locally) it on all sorts of other things with
something like;

${if eq {$received_protocol}{local-uucp}{foo}fail}

and set the received_protocol on the exim command line.

See the expanded conditionals stuff in the spec, you can do lots of
stuff in rewrites.

P.

-- 
pir               pir@???      pir@???      pir@???