I have a tree acl - the one that gets run is based on the recipient
domain. I have been using it like this, which is very ugly to me:
acl_choose_check_rcpt:
accept acl = \
${if \
eq\
{$domain}\
{${lookup\
{$domain}\
dbmnz{MAILRTRD/db.rtr_alldomains.db}\
{$domain}\
{}\
}}\
{acl_rtr_main}\
{check_recipient}\
}
so, if $domain is in db.rtr_alldomains.db, acl_rtr_main is run. otherwise
check_recipient is run. I'm trying to find out a cleaner way to write
this. I thought this would work:
acl_choose_check_rcpt:
accept domains = dbmnz;MAILRTRD/db.rtr_alldomains.db
acl = acl_rtr_main
accept acl = check_recipient
but it doesn't. If acl_rtr_main denies the rcpt, check_recipient is then
given a go, which is wrong. I also considered this:
acl_choose_check_rcpt:
accept domains = dbmnz;MAILRTRD/db.rtr_alldomains.db
acl = acl_rtr_main
deny domains = dbmnz;MAILRTRD/db.rtr_alldomains.db
accept acl = check_recipient
but that throws away all the very carefully crafted rejection messages in
acl_rtr_main.
It seems like w/ all the flexibility of ACLs there's some way I'm missing
to make that lookup not quite so ugly. Any ideas?
--John
