Re: [Exim] problem with virtual director

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Jim Pazarena
CC: exim-users
Subject: Re: [Exim] problem with virtual director
On Mon, 19 Apr 2004, Jim Pazarena wrote:

> I've got a virtual director which appears to have had a bug for two
> years!


Hello Jim,

You are still using Exim 3 terminology ("director"), though you are
clearly talking about an Exim 4 router, since you have "driver =
accept".

> virtual_localusers:
> driver = accept
> domains = cdb;virtual_localuser_domains.cdb
> condition = \
> ${lookup{$local_part@$domain}cdb{virtual_localusers.cdb}{yes}{no}}
> no_more
> transport = virtual_local_delivery
>
> ====
>
> the problem is that a name which is NOT in the virtual list sneaks
> thru to the next DIRECTOR _if_ it is a real name on my system.


This is because "condition" is a router precondition. If it fails, the
router is not run and the address passes to the next router. Always. The
"no_more" option applies only to a router that does run, but then finds
it cannot handle the address, and so "declines".

The "accept" router cannot be coerced into behaving this way, I'm
afraid. It never declines; therefore "no_more" is useless. The possible
solutions are:

(1) Add a second router to bounce any unmatched addresses:

virtual_nonusers:
driver = redirect
domains = cdb;virtual_localuser_domains.cdb
data = :fail: Unknown user
allow_fail

(2) If your virtual_local_delivery transport is writing to a file or to
a pipe, you could use a single redirect router. For example, if you are
delivering to a file:

virtual_localuser:
  driver = redirect
  domains = cdb;virtual_localuser_domains.cdb
  data = \
    ${lookup{$local_part@$domain}cdb{virtual_localusers.cdb}\
    {/var/mail/$domain/$local_part}}
  allow_file
  address_file_transport = virtual_local_delivery
  user = exim
  no_more


"data" is not a pre-condition; it is something that is expanded when the
router runs. A failed lookup yields an empty redirection address. This
is interpreted as "no can do", and the router declines. A successful
lookup yields the name of the file and passes it to the transport, which
is run as "user". (You can alternatively specify the user in the
transport.)

I have not tested these; they are off the top of my head. YMMV, etc...

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book