Re: [Exim] Exim 4.14 ChangeLog item #90: local part prefixes…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Kevin P. Fleming
Dátum:  
Címzett: exim-users
Tárgy: Re: [Exim] Exim 4.14 ChangeLog item #90: local part prefixes/suffixes
Philip Hazel wrote:
> This just goes to prove the old saying that one person's bug is another
> person's facility. Sigh.


<G>

> Seems like NOT using local_part_prefix is called for, so that you don't
> mess with the local part for RCPT. Then, I think, regular expressions
> are your friend. Something like
>
> ${if match{$local_part}{\N^([^+]+)\+\N}{$1}{$local_part}}
>
> should give you "user" or the full local part if there's no "+" in it.
> You can use this in the lookup that validates the local part, and also
> in setting authenticated_sender, can't you?
>


Here's what I arrived at after a few iterations. The router is:

local:
driver = accept
domains = +local_domains
condition = ${lookup{user.${lc:${sg{$local_part}{\N\+\N}{.}}}}
lsearch {/storage/imap/mailboxes.db} {yes}{no}}
transport = local_delivery

This just replaces + characters in the local part with . characters,
then does a lookup into the Cyrus mailbox list. This actually has one
small flaw, in that if a message comes in address to user+foobar, but
"user" does not have a "foobar" folder it will get rejected. However, if
it was accepted, Cyrus would take and just put it into the user's Inbox.
Not a big deal for me.

The transport is:

local_delivery:
driver = smtp
protocol = lmtp
allow_localhost = yes
hosts = 127.0.0.1
authenticated_sender = ${sg{$local_part}{\N(.*)(\+.*)\N}{\$1}}
hosts_require_auth = 127.0.0.1
max_rcpt = 1

This strips the +folder portion off the local part and supplies the
remainder as authenticated_sender. This appears to be working OK,
although there are some issues with caseful matching (Cyrus is case
sensitive on local parts and folder names, at least for now). I may go
back to having a router ahead of "local" that uses redirect to lowercase
the entire local part before "local" gets it; this avoids the issue
because then Exim use the lowercased part everywhere.

Ideally, I could avoid the complicated router if I could do an LMTP
callforward. However, making the callout code be able to handle AUTH is
a non-trivial exercise. If you're interested, I'd like to discuss it
with you, Philip, just to see if it's doable.