>
>From: Oliver Egginger <Oliver.Egginger@???>
>To: exim-users@???
>Organization: Fachhochschule Giessen-Friedberg
>Date: 16 Oct 2003 12:22:53 +0200
>I want to check the domain of the (envelope) sender address if a user is
>authenticated. Authenticated users are allowed to relay through
>our mailgate but only if they use a local sender address. I'am at a loss
>at the moment. The acl_smtp_auth ACL would be a nice place for doing
>this, but the AUTH command could happend before the MAIL FROM command
>appears, I think. Also I can't restrict everybody to local sender
>adresses, cause I want receive mail from the internet from everyone for
>our local users.
>
>At the moment I got this acl:
>
>------------
>
>acl_check_rcpt:
>
> deny local_parts = ^.*[@%!/|] : ^\\.
>
> accept local_parts = postmaster
> domains = +local_domains
>
> require verify = sender/callout
> require verify = recipient
>
> accept domains = +relay_to_domains
> accept authenticated = *
>
> deny message = relay not permitted
>
>---------
>
>
>This seems to work fine but authenticated users can use every address
>they like. How can I restrict them to local addresses (domains) ??
>Every hint would be appreciated.
Use a ACL variable. You can have:
warn authenticated = *
set acl_m0 = 1
to determine whether or not an incoming message is authenticated.
Subsequent acl fragments can then use:
condition = ${if def:acl_m0 {yes}{no}}
to differentiate between authenticated and unauthenticated messages.
