On Thu, 15 Mar 2001, Andreas Heinlein wrote:
> 1. Exim requires SMTP authentication, so we have a $authenticated_id for
> later use

I presume from this, that *all* the messages you are interested in
controlling are coming in over SMTP, and are authenticated.

> 2. Certain (authenticated) users may send only to local recipients
> 3. Certain users may send everywhere
> 4. Certain users may send mail locally *and* to certain non-local recipients
> specified in a database/file, on a per-user basis

Set up a router and a director, first in each list, restricted to run
only when $authenticated_id is relevant, by means of the "condition"
option. Now you know they are handling only messages from your users.

The director should check for forbidden addresses by means of a suitable
"condition", and be a smartuser, with new_address = :fail: Not allowed.

The router is trickier because it cannot generate a :fail:
unfortunately. However, you can make it a domainlist that routes to
the local host and set self=fail, which isn't as nice.

In Exim 4, where routers and directors are amalgamated, you'll only need
one router and it will all be much cleaner.

> I believe I need to set up some "condition" on the appropriate routers, but
> what would it look like?

That rather depends on how you maintain the data. One file per sender
seems a bit gross, but would be the easiest.

  condition = \
    ${lookup{$local_part@$domain}lsearch{/allowed/for/$authenticated_id}\
    {yes}{no}}

Of course, I've specified two conditions. You'll have to amalgamate them
using the "and" condition.

--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
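
An added illustration, not part of the message above and not Philip Hazel's code: a sketch of the single Exim 4 router the reply alludes to, combining the "is authenticated" test and the per-sender file lookup with "and". The router name, the `lsearch*@` wildcard convention, the sample file contents and the `local_domains` domain list are assumptions made for this example.

```exim
# Added example in Exim 4 syntax. Assumptions (not from the original message):
#   - "domainlist local_domains = ..." is defined in the main section
#   - every authenticated user has a file /allowed/for/<authenticated id>
#   - authenticated ids are plain login names and never contain "/"
#
# Constructed sample files, one per sender:
#   /allowed/for/alice   local recipients only      -> empty file
#   /allowed/for/bob     may send everywhere        -> one line:  *
#   /allowed/for/carol   local plus listed remotes  -> lines such as
#                                                      sales@partner.example
#                                                      *@supplier.example
#
# lsearch*@ tries the full address, then *@domain, then * as the key,
# so a sender with no matching line is refused (deny by default).
#
# Exim 4.94 and later refuse to open a file whose name is built from
# tainted data; if $authenticated_id is tainted in your configuration,
# de-taint it first (for example with a lookup keyed on it).

# Place this first in the routers section so it sees every address
# before the routers that deliver remotely.
restrict_authenticated:
  driver = redirect
  # Local recipients are always permitted, so only remote domains are checked.
  domains = ! +local_domains
  # Run only for authenticated senders whose file does not list the recipient.
  condition = ${if and{ \
                {def:authenticated_id} \
                {eq{${lookup{$local_part@$domain}lsearch*@\
                      {/allowed/for/$authenticated_id}{yes}{no}}}{no}} \
              }}
  # :fail: is only honoured by a redirect router when allow_fail is set.
  allow_fail
  data = :fail: Not allowed
```

Because routers also run during recipient verification, an ACL that uses `verify = recipient` will turn this failure into a rejection at RCPT time instead of a later bounce.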