Hi!
On Sat, Oct 04, 2003 at 12:41:51AM +0200, Nico Erfurth writes:
> >>What do you mean by "with BestMX"?
> >
> >BestMX also known as primary MX, MX with the best priority.
> >
> >For example, I have a relay 193.109.240.57 which receive mail
> >for many customers' domains, it is primary MX for its. And I
> >have a relay2 which is a secondary MX for all that domains.
> >How can I configure relay2 for relaying all domains which has
> >bestMX to 193.109.240.57 without manually enumetrating its?
> >
> >If I setup relay-based-on-MX (use @mx_any or @mx_secondary),
> >anybody will allow use me as his relay by specifying my router
> >as MX in the DNS, and I do not want it.
>
> AFAIK you can't, but I've just got an nice idea ....
>
> Basicly, use the dnsdb-lookup, and add a special TXT record to your
> zonefiles, maybe something like this
>
> example.com TXT SECRET_TEXT
Thanks for the idea. It's halpful, but not all of this domains are
under my control, and some DNS-hostings with web interface does
not permit to set TXT-records. :(
[...]
> --
> There are probably better ways to do that, but it would make the parser
> more complex. I do, occasionally, struggle feebly against complexity...
> :-)
> --Larry Wall in <7886@???>
;-)
Here's a solution of this issue.
MB it can be helpful not only for me.
I hope there is more simple solution, but this looks like working... ;)
==========
# todo
# 1. Loopup and check IP-address(es) of BestMX
# 2. Max recursion deep limitation (if more then 20 MX's -> return deny)
acl_check_bestmx:
# Return accept if primary MX for domain in $acl_m3 is in relayed-bestmx
# 1. Find primary MX preference and save it in $acl_m4
# Allways pass through this rule
deny
set acl_m3 = ${lookup dnsdb{mx=$acl_m3}}
set acl_m4 = -1
set acl_m5 = 1
acl = acl_bestpref
# 2. Check all primary MX's with relayed-bestmx
accept
set acl_m5 = 1
acl = acl_mx_loop
deny
acl_bestpref:
# End of recursion:
# $acl_m6 = $acl_m3[$acl_m5]
deny
set acl_m6 = ${extract{$acl_m5}{\n}{$acl_m3}}
condition = ${if eq{$acl_m6}{}{yes}{no}}
deny
# acl_m4 = min($acl_m4, $1) if $acl_m3 =~ /^\d+/
set acl_m6 = ${extract{1}{ }{$acl_m6}}
set acl_m4 = ${if ={$acl_m4}{-1}{$acl_m6}{$acl_m4}}
set acl_m4 = ${if <{$acl_m4}{$acl_m6}{$acl_m4}{$acl_m6}}
set acl_m5 = ${eval:$acl_m5+1}
acl = acl_bestpref
deny
acl_mx_loop:
# End of recursion:
# $acl_m6 = $acl_m3[$acl_m5]
deny
set acl_m6 = ${extract{$acl_m5}{\n}{$acl_m3}}
condition = ${if eq{$acl_m6}{}{yes}{no}}
# acl_m4 = min($acl_m4, $1) if $acl_m3 =~ /^\d+/
accept
condition = ${if ={${extract{1}{ }{$acl_m6}}}{$acl_m4}{yes}{no}}
condition = ${if eq{${lookup{${extract{2}{ }{$acl_m6}}}dbm{/etc/exim/relayed-bestmx.db}}}{}{no}{yes}}
accept
set acl_m5 = ${eval:$acl_m5+1}
acl = acl_mx_loop
deny
==========
--
Lucky carrier,
Pavel.
