On Tue, 9 Jul 2002, Joachim Wieland wrote:
> That's why I would like to have a variable that contains the name(s) of
> the ACLs that were passed. With such a variable I would know what kind
> of client requests verification without re-executing all the DB and file
> lookups.
>
> This ACL should set (or add a string to) a special variable:
>
> accept authenticated = *
> endpass
> message = unrouteable address
> variable = ACL=authenticated
> verify = recipient/defer_ok
You could add
warn message = X-was-authenticated: yes
> And the router should be able to get its value:
>
> dnslookup:
> driver = dnslookup
> domains = !+local_domains
> transport = remote_smtp
> fail_verify_recipient = ${if eq {${extract{ACL}{$acl_history}}}{authenticated}{false}{true}
Ah. Sorry. My idea isn't going to work if you are expecting the
dnslookup router to do the test during the ACL verification (because
message headers aren't set up at that stage).
> What do you think about it? Does anybody have another idea?
If all you want to know is whether the connection is authenticated or
not, just test the value of $sender_host_authenticated.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
