Re: [Exim] Exim 4 Planning - some comments.

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: John Sloan
CC: exim-users
Subject: Re: [Exim] Exim 4 Planning - some comments.
On Tue, 2 Jan 2001, John Sloan wrote:

> Hmm. I'm uncomfortable with this proposed syntax. An alternative might
> be to go with an ACL type format, such as that used by some routers and
> programs such as squid (my primary source for this idea). Multiple lines
> which terminate on the first match. Such a format might look like:
>
> accept_recipient accept (address = +local_domains) verify sender_verify
> accept_recipient accept (address = +relay_domains) sender_verify
> accept_recipient deny all


What do other people feel about this proposal?

I can see the attraction, but I have two worries:

(A) Multiple option settings aren't used for anything else in Exim. I'd
rather not introduce one thing that is special. The more "natural" way
to do this would be to invent a new section of the configuration file
(like the rewrite, retry sections) to contain the recipient ACL.

(B) The more substantive point: I fear that too much repetition will be
needed because of the lack of parentheses. Your example above already has
to repeat sender_verify, which is trivial, but what about this example:

Accept a recipient if it comes from a certain list of hosts, and
either the SMTP session is authenticated, or the host is not in an RBL
list.

Assume ACL items separated by colons (so I've doubled the colons in the
host list, but alternatively you could change separators):

accept host = 192.168.10.3 :: 10.3.4.0/24 : authenticated
accept host = 192.168.10.3 :: 10.3.4.0/24 : notlisted = dul.maps.vix.com

With my proposed syntax, this is

  accept_recipient = host = 192.168.10.3 : 10.2.4.0/24   \
                     AND                                 \
                       (                                 \
                       authenticated                     \
                       OR                                \
                       notlisted = dul.mapx.vix.com      \
                       )   


My worry is that in complicated situations, this kind of repetition will
be necessary rather often. Perhaps it doesn't matter too much from a
conceptual point of view, but it makes it a *lot* harder to optimise
testing by caching. Let me explain some more:

Using my scheme, if a message has several recipients, the host test will
be done for the first one, and Exim will remember that "the first test
succeeded" (or failed, as the case may be). If the list involves
database lookups, the test might be quite expensive to perform. When the
second recipient is being checked, the test need not be done again.

Using ACLs, it isn't obvious that the second host test is identical to
the first one. (Well, this example is obvious to a human, but what if
the spacing were different, or the items were in another order, or some
other minor change. Checking for "the same test" isn't trivial.)


Hmm... <thinks> ...

Maybe I'm just inexperienced in writing ACLs. I guess it could be
written without repetition like this:

  deny    host = ! 192.168.10.3 :: ! 10.3.4.0/24
  accept  authenticated
  accept  notlisted = dul.maps.vix.com   


Let me have a go at writing the big example from my document:

accept_recipient = address = postmaster@??? OR \
                   sender = !bad@??? AND \
                   ( \
                    address = +local_domains AND verify OR \
                    authenticated OR \
                    address = +relay_domains OR \
                    host = 192.168.23.0/24 \
                   ) \
                   AND notlisted = dul.maps.vix.com \
                   AND sender_verify


This turns into

  accept   address = postmaster@???
  deny     sender = bad@???
  deny     listed = dul.maps.vix.com
  deny     no_sender_verify   
  accept   address = +local_domains : verify
  accept   authenticated
  accept   address = +relay_domains
  accept   host = 192.168.23.0/24


(I think an implicit "deny all" at the end should be understood.)

I have to admit that that is no more complicated than my proposal, and
it also simplifies things by not having to worry about parentheses and
AND and OR (and messy continuation lines). Actually, both of these
settings contain the same bug. Proving how tricky it is to write logical
expressions, whatever the syntax. An exercise for the reader. :-] The
mended version may even be neater in the ACL syntax.


SO... What do people think? Votes, please.


-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.