Re: [Exim] $local_part equivilent in an ACL

Pàgina inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
A: Rick Ennis
CC: exim-users
Assumpte: Re: [Exim] $local_part equivilent in an ACL
On Mon, 30 Sep 2002, Rick Ennis wrote:

> All ACLs are run before any of the routers (correct me if I'm wrong there).


Well, not totally true. Routers are used for address verification, which
can be requested from an ACL.

> So there's no way to get the recipient user's actual login name (I'm
> thinking something like $local_part here) in the ACL, right? The glaring
> example I think of first is an alias address. If the recipient address is
> an alias, but the "redirect" router that does the substitution for the alias
> isn't run until later, the ACL wouldn't have any way of getting the real
> login name.


In the next release (not expected for some months) the value from
$address_data at the end of routing during verification will be
available back in the ACL. That might be one way of solving your
problem. However, a more traditional way of doing this would simply be
to arrange for the recipient verification to fail, with a router like
this:

special:
  driver = redirect
  check_local_user
  verify_only
  verify_sender = false
  condition = ${lookup{$sender_address_domain}lsearch\
               {/home/$local_part/..}{yes}{no}}
  allow_fail
  data = :fail: get lost


... or something along those lines. That's just a sketch outline. Of
course, you'd place that _after_ the aliasing router.

> The reason I ask is because I want to do a file lookup in the user's home
> directory in the ACL. Something like...
>
> deny  !sender_domains = /home/$local_part/no-verify-domains
>          !verify = sender/callout

>
> Is there any variable I can use in place of $local_part that would work
> there?


No.

And remember, Exim is running as "exim" at ACL time. You would have
to ensure that the file in the user's home directory was readable by
exim for that to work (and indeed also for my router suggestion to
work).


--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.