[Exim] trying to understand how acl_check_rcpt works

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Kurt Lieber
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: [Exim] trying to understand how acl_check_rcpt works
--
I'm following through one of the examples in the exiscan-acl examples
FAQ[1] and have a question about how it uses acl_check_rcpt. Given the
following (shortened) code:

1 /* ------------
2     acl_check_rcpt:
3
4       accept  hosts         = :
5       deny    local_parts   = ^.*[@%!/|]
6       accept  hosts         = 127.0.0.1:+relay_from_hosts
7       accept  authenticated = *
8
9       defer   message       = try this address in the next batch
10               condition     = ${if eq {${acl_m0}}\
11                               {${lookup{$domain}\
12                               lsearch{/etc/exim/scanprefs}}}\
13                               {0}{1}}
14
15       accept  domains       = +local_domains
16               endpass
17               message       = unknown user
18               verify        = recipient
19               set acl_m0    = $local_part@$domain
20
21       accept  domains       = +relay_to_domains
22               endpass
23               message       = unrouteable address
24               verify        = recipient
25               set acl_m0    = ${lookup{$domain}\
26                               lsearch{/etc/exim/scanprefs}}
27
28       deny    message       = relay not permitted
29 ------------ */


On line 10, the ACL is checking for $acl_m0 and comparing it against a list
of domains. However, what I don't understand is how $acl_m0 can possibly
be set at that point -- the "set acl_m0" command doesn't occur until later
in the ACL (lines 19 and 25). So won't that first defer stanza always be
false?

Does the acl_check_rcpt ACL get run through more than once during a typical
message session?

Obviously, I'm missing something. I just don't know what. :)

--kurt

[1] http://duncanthrax.net/exiscan-acl/exiscan-acl-examples.txt
--
[ Content of type application/pgp-signature deleted ]
--