Re: [Exim] bug: ACLs in files

Góra strony
Delete this message
Reply to this message
Autor: Christopher Bodenstein
Data:  
Dla: exim-users
Temat: Re: [Exim] bug: ACLs in files
Hi,

Talking about ACLs in files, I've encountered something strange.

We host many differents domains and I wanted to add some specific ACLs
for a given domain, so I created an ACL file for each domain I wanted
specific ACLs for.

On my test machine everything went just fine (as soon as I discovered
that you could not include blank lines in the files ;)).

So I started deploying it on our MXes and then discovered the following
errors:

2002-11-19 18:52:23 internal ACL error: uknown verb 825111348

or

2002-11-19 20:54:58 internal ACL error: uknown condition 7497068

I first thought it would be related to the fact I added an ldap lookup
in one of those ACLs files, but removing it didn't change anything.
I also noticed that it seemed to be load related, since it mostly
appeared on our primary MX and only a few times on our secondary MX.

After a quick glance a the source, it seems that exim isn't able to find
either a valid condition or a valid verb; which seems odd since I used
basically the same acls in the exim configuration file for some time now.

Any idea what could cause this or how I could trace it to get more debug
info?

Here is my specific ACL file:

accept  hosts = :
deny    local_parts   = ^.*[@%!/|]
deny    log_message     = Spam return denied
        local_parts     = ^movie.* : ^yes.*
accept  local_parts   = postmaster : abuse : support
deny    message = $sender_host_name $sender_host_address in RBL list at
$dnslist_domain\n$dnslist_text
        dnslists      = relays.ordb.org
warn    message       = X-RBL-Warning: $sender_host_address is in a
black list at $dnslist_domain
        log_message   = found in $dnslist_domain
        dnslists      = orbs.dorkslayers.com : relays.osirusoft.com :
dnsbl.njabl.org : relays.visi.com
require log_message     = Invalid sender
        message = Couldn't verify the sender
        verify  = sender/defer_ok
accept  condition     = ${if eq{${lookup ldap {user="cn=mail,
ou=accounts,company=Easynet,o=easynet.net" pass=mypasswd
ldap:///o=easynet.net?uid?sub?(mailaddress=$local_part@$domain)}}} {} {0} {1}}
accept  hosts         = +relay_from_hosts
deny    message       = No such user here


and my default acl file is the same without the local_parts and ldap
lookup but with an accept for +relay_domains

OTOH, I was just wondering what may happen to the messages raising that
error?

Thanks in advance.

Kind regards,

Chris

--
Christopher Bodenstein - christopher.bodenstein@???
Systems Administrator - Easynet Belgium

Great acts are made up of small deeds.
                -- Lao Tsu