[exim] Outgoing email and ${run}

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Stephen Gran
Datum:  
To: exim-users
Betreff: [exim] Outgoing email and ${run}
Hello all,

Once again, I'm staring at something that should probably be fairly
obvious, but I don't know - I think I've been looking at it too long ;/

I've gotten greylisting set up for incoming email, and I am trying to
figuer out how to do whitelisting of outgoing email. The idea with
this (imperfect, yes, but helpful nonetheless) is to set an entry in
the database when email goes out, so that replies aren't greylisted,
and user don't start screaming 'where's my email!?' I have a short
perl script that will do the work when called with the right arguments,
so that's no problem. The problems I do see are these:

How to actually identify outgoing email? This installation only accepts
mail generated on the local machine, or via smtp auth. I had thought
about putting it into an ACL, until I realized the old problem of
$recipient in an ACL - there may be more than one recipient. Scratch
that one off.

This seems to me to mean that it should go into a router somehow, but I
don't want to pass the actual email - just the sender and recipient.
Maybe just a condition or a command in a router? The problem I seewith
a condition is that I don't want the outgoing email to necessarily fail
if the command does - all that would happen is that the occasionalreply
would get slowed down if something went wrong on the way out, but I
think that would be better than clogging the queue with mail waiting to
go out if a script blows up.

And finally, how to actually intelligently figure out what outgoing
email means in a router? This is my biggest conceptual stumbling block.
I'll want to exclude DSN's from this (no need, I won't be getting a reply
after all, right? :), and I'll want to exclude email destined for local
domains from this check, so I guess it gets tacked onto anything that uses
the remote_smtp driver as it's transport, but doesn't have a null sender.

Adding it to everything seems horrendous, so maybe just it's own
router just before the dnslookup router that doesn't end the routing?
This seems the cleanest that I can think of, it's just that the whole
thing feels kind of messy. Maybe (as I usually am) I'm making this more
complicated than it needs to be.

TIA,
--
--------------------------------------------------------------------------
|  Stephen Gran                  | * Simunye is on a oc3->oc12 <daem0n>    |
|  steve@???             | simmy: bite me. :) <Simunye> daemon:    |
|  http://www.lobefin.net/~steve | okay :)                                 |

--------------------------------------------------------------------------