At 1:34 +0000 2002/12/02, Giuliano Gavazzi wrote:
>
>Now, how can I send a temporary failure 4XX if the $sender_host_name
>expand to the null string (DNS failure)?
>I see two options: either a "fail" action, that acts like deny, but
>sends a 4XX error message, or allow deny to specify the complete error
>message, so that I can send a 4XX message myself.
first I must correct my ACL to really compare the domain part only, second I have found a way to get a 4xx error out, a failure in a lookup. My rule loses in "elegance":
deny sender_domains = hotmail.com : yahoo.com : public.com : ...
message = X-Forgery: $sender_host_name NOT A $sender_helo_name SERVER (OR TEMPORARY DNS FAILURE)
condition = ${if match {${extract{-2}{.}{$sender_host_name}{$value}{${lookup {x} lsearch {/etc/inexistent} {$
value}}}}.${extract{-1}{.}{$sender_host_name}{$value}fail}}{${extract{-2}{.}{$sender_helo_name}{$value}fail}.${extract{-1}{.}{$sende
r_helo_name}{$value}fail}}{no}{yes}}
Clearly /etc/inexistent must not exist and "match" could be really be changed with "eq".
Maybe I could split lines with \ but it is too late to check.
Giuliano
--
H U M P H
|| |||
software
Java & C++ Server/Client/Human Interface applications on MacOS - MacOS X
http://www.humph.com/
