On Mon, May 31, 2004 at 08:09:03PM +0100, Peter Bowyer said:
> Dr.-Ing. Hans Kemnitz <kemnitz@???> wrote:
> > Hi,
> >
> > We want to deny E-Mail from selected senders for
> > special recipients; all other shall be accepted.
> > See the simple example to deny:
> >
> > Sender Address Recipient Address
> > ---------------- -------------------
> > Iwanow@remote_dom_A.de - John@my_dom.de
> > August@remote_dom_A.de - Paul@my_dom.de
> > Pierre@remote_dom_B.de - John@my_dom.de
> >
> > To simpify management, we want to store the data
> > in files. Our first try was the following ACL setup:
> >
> > deny senders = lsearch;/senders
> > recipients = lsearch;/recipients
> >
> > File senders:
> > Iwanow@remote_dom_A.de : \
> > August@remote_dom_A.de : \
> > Pierre@remote_dom_B.de
> >
> > File recipients:
> > John@my_dom.de : \
> > Paul@my_dom.de
> >
> > As wanted, John receives no more mail from Iwanow
> > and Pierre; however this construct has the lack that
> > additionally John receives no more mail from August
> > and Paul no mail from Iwanow.
> >
> > Any ideas how to an ACL without these side effect ?
>
> You probably need a file of recipients, and a separate file of senders for
> each recipient. Then something like
>
> deny recipents = lsearch;/recipients
> senders = lsearch;/senderfiles/$recipient
>
> Haven't tried it...
Or maybe easier:
deny recipents = dsearch;CONFDIR/users/
senders = lsearch;CONFDIR/users/$recipient/sender_blacklist
Substitute local_part for recipient if you want, if all the domains are
the same. The dsearch and directory structure might be easier because
you could then have per-user white & blacklists, settings for something
else, etc. Pain if you have a lot of users, but it has the benefit of
being easily extensible.
--
--------------------------------------------------------------------------
| Stephen Gran | BOFH excuse #36: dynamic software |
| steve@??? | linking table corrupted |
| http://www.lobefin.net/~steve | |
--------------------------------------------------------------------------
