On Tue, 1 Feb 2000, Leonardo Boselli wrote:
> a) the filter must work only for message sent via SMTP from a
> local host [that is the list of relay-accept-hosts LESS the
> secondary MXs]
You can check $sender_host_address for specific IPs.
> b) In such case it should check if any of from/reply-to/resent-from
> addresses is local (that is *@dicea.unifi.it ), if so it must check if
> such address is valid. If the address is invalid it should refuse the
> messages with a 550 (or 553 ?) reply
Even if you could do such a check, sending 550 after the data has been
received is mis-interpreted by several MTAs as a temporary error.
> c) the check must be done on the actual headers sent, not on the
> envelope (so if one send a message giving right mail from: to
> SMTP, but in the headers there is a different one, it must be this
> one to be checked) since the purpose is to notify the sender
> [of course it must refuse on accepting, since being the from
> address invalid how could refuse it ?] of the improper setting.
That is why the refusal would be after the data, leading to the problem
above.
I think you are better off accepting the message with verification of
envelope sender (sender_verify), and then checking it in a system filter
at delivery time. If you want to send an error message, you know that
the envelope sender is OK, so there should be no problem.
> d) The address valid are not just those of user, but also those
> listed in two alias files and in directors (I have one that get all user
> with username beginning with a '0' or a '8' and send to another
> server :-( ) ...
You'd have to duplicate that checking in the filter.
If you want to change your ground rules, there is an easier way that
does some (but not all) of what you want. Just set headers_sender_verify
and headers_check_syntax as well as sender_verify.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.