Re: [Exim] help with configuration

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Pavel Gulchouck
Date:  
À: Nico Erfurth
CC: exim-users
Nouveaux-sujets: Re: [Exim] help with configuration [FUN|OT]
Sujet: Re: [Exim] help with configuration
Hi!

On Sat, Oct 04, 2003 at 12:41:51AM +0200, Nico Erfurth writes:
> >>What do you mean by "with BestMX"?
> >
> >BestMX also known as primary MX, MX with the best priority.
> >
> >For example, I have a relay 193.109.240.57 which receive mail
> >for many customers' domains, it is primary MX for its. And I
> >have a relay2 which is a secondary MX for all that domains.
> >How can I configure relay2 for relaying all domains which has
> >bestMX to 193.109.240.57 without manually enumetrating its?
> >
> >If I setup relay-based-on-MX (use @mx_any or @mx_secondary),
> >anybody will allow use me as his relay by specifying my router
> >as MX in the DNS, and I do not want it.
>
> AFAIK you can't, but I've just got an nice idea ....
>
> Basicly, use the dnsdb-lookup, and add a special TXT record to your
> zonefiles, maybe something like this
>
> example.com     TXT SECRET_TEXT


Thanks for the idea. It's halpful, but not all of this domains are
under my control, and some DNS-hostings with web interface does
not permit to set TXT-records. :(

[...]
> --
> There are probably better ways to do that, but it would make the parser
> more complex.  I do, occasionally, struggle feebly against complexity...
>  :-)
>             --Larry Wall in <7886@???>


;-)
Here's a solution of this issue.
MB it can be helpful not only for me.
I hope there is more simple solution, but this looks like working... ;)

==========
# todo
# 1. Loopup and check IP-address(es) of BestMX
# 2. Max recursion deep limitation (if more then 20 MX's -> return deny)
acl_check_bestmx:
  # Return accept if primary MX for domain in $acl_m3 is in relayed-bestmx
  # 1. Find primary MX preference and save it in $acl_m4
  # Allways pass through this rule
  deny
    set acl_m3        = ${lookup dnsdb{mx=$acl_m3}}
    set    acl_m4        = -1
    set acl_m5        = 1
    acl            = acl_bestpref
  # 2. Check all primary MX's with relayed-bestmx
  accept
    set acl_m5        = 1
    acl            = acl_mx_loop
  deny
acl_bestpref:
# End of recursion:
# $acl_m6 = $acl_m3[$acl_m5]
  deny
    set acl_m6        = ${extract{$acl_m5}{\n}{$acl_m3}}
    condition        = ${if eq{$acl_m6}{}{yes}{no}}
  deny
# acl_m4 = min($acl_m4, $1) if $acl_m3 =~ /^\d+/
    set acl_m6        = ${extract{1}{ }{$acl_m6}}
    set acl_m4        = ${if ={$acl_m4}{-1}{$acl_m6}{$acl_m4}}
    set    acl_m4        = ${if <{$acl_m4}{$acl_m6}{$acl_m4}{$acl_m6}}
    set    acl_m5        = ${eval:$acl_m5+1}
    acl            = acl_bestpref
  deny
acl_mx_loop:
# End of recursion:
# $acl_m6 = $acl_m3[$acl_m5]
  deny
    set acl_m6        = ${extract{$acl_m5}{\n}{$acl_m3}}
    condition        = ${if eq{$acl_m6}{}{yes}{no}}
# acl_m4 = min($acl_m4, $1) if $acl_m3 =~ /^\d+/
  accept
    condition        = ${if ={${extract{1}{ }{$acl_m6}}}{$acl_m4}{yes}{no}}
    condition        = ${if eq{${lookup{${extract{2}{ }{$acl_m6}}}dbm{/etc/exim/relayed-bestmx.db}}}{}{no}{yes}}
  accept
    set    acl_m5        = ${eval:$acl_m5+1}
    acl            = acl_mx_loop
  deny
==========


--
                                Lucky carrier,
                                                  Pavel.