hi again,
i want to implement user - definable black / whitelists
hm i looked around and found that i can use acl.
But perhaps my brains are frosted and i should use a router...
however, it doesn't work as expected, but mostly because the acl's i've
written are never reached as i saw in debug output, hm before i try to
configure an impossible thing, i'd like to ask you if i'm right...
sorry for the mailbox bloating..:-)
defined lists:
domainlist whitelist_domains = ${lookup mysql {select acpt_domain from
whitelist where rcpt_address="${local_part}@${domain}"}fail}
addresslist whitelist_sender = ${lookup mysql {select acpt_address from
whitelist where rcpt_address="${local_part}@${domain}"}fail}
domainlist blacklist_domains = ${lookup mysql {select deny_domain from
blacklist where rcpt_address="${local_part}@${domain}"}}
hostlist blacklist_hosts = ${lookup mysql {select deny_host from
blacklist where rcpt_address="${local_part}@${domain}"}}
addresslist blacklist_sender = ${lookup mysql {select deny_address from
blacklist where rcpt_address="${local_part}@${domain}"}}
addresslist blacklist_regex = ${lookup mysql {select deny_regex from
blacklist where rcpt_address="${local_part}@${domain}"}}
...
begin acl
acl_check_rcpt:
accept hosts = :
deny local_parts = ^.*[@%!/|] : ^\\.
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept domains = +local_domains
endpass
message = unknown user
verify = recipient
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient
deny message = rejected because $sender_host_address is in a
black list at $dnslist_domain\n$dnslist_text
dnslists = relays.ordb.org : sbl.spamhaus.org
#Blacklisting Senders and Sender Domains or Sender Hosts...based on
our users demand...
deny sender_domains= +blacklist_domains
condition = ${if eq {}{${lookup mysql {select block from users
where address='${quote_mysql:${local_part}@${domain}}' and
block='blacklist' }}}{no}{yes}}
message = ${lookup mysql {select deny_message from blacklist
where deny_domain='${quote_mysql:${sender_address_domain}}' and address
='${quote_mysql:${local_part}@${domain}}'}{$value}}
deny hosts = +blacklist_hosts
condition = ${if eq {}{${lookup mysql {select block from users
where address='${quote_mysql:${local_part}@${domain}}' and
block='blacklist' }}}{no}{yes}}
message = Host $sender_host_address is blocked: ${lookup mysql
{select deny_message from blacklist where
deny_host='${quote_mysql:${$sender_host_address}}' and address
='${quote_mysql:${local_part}@${domain}}'}{$value}{"unspecified reason"}}
deny senders = +blacklist_sender
condition = ${if eq {}{${lookup mysql {select block from users
where address='${quote_mysql:${local_part}@${domain}}' and
block='blacklist' }}}{no}{yes}}
message = Sender $sender_address is blocked: ${lookup mysql
{select deny_message from blacklist where
deny_host='${quote_mysql:${$sender_address}}' and address
='${quote_mysql:${local_part}@${domain}}'}{$value}{"unspecified reason"}}
deny senders = +blacklist_regex
condition = ${if eq {}{${lookup mysql {select block from users
where address='${quote_mysql:${local_part}@${domain}}' and
block='blacklist' }}}{no}{yes}}
message = Sender $sender_address is blocked: matches USER
defined Regex
#User definable whitelist Senders, Domains
accept sender_domains= +whitelist_domains
condition = ${if eq {}{${lookup mysql {select block from users
where address='${quote_mysql:${local_part}@${domain}}' and
block='whitelist' }}}{no}{yes}}
accept hosts = +relay_from_hosts
accept authenticated = *
deny message = relay not permitted
greets malte
