Jakob Hirsch wrote:
>
> Why in routers? ACLs would be probably more suitable for that.
It's a bit complicated, but the easy way to visualize it is that I have
fallthrough routers that "catch" people trying to send to protected
aliases and does something different -- think of it as a massive
if-then-else router scenario. It works quite well.
> You can use
> ${if match_domain {$sender_host_name}{*.fluid.com} {1}{0}}
Ah, ok -- I can OR that with my other expression and make it work,
thanks. My DNS is definitely in order, it won't be a problem. But, I
think the partial-lsearch below is the better answer...
> It would be much better if you knew all networks of eligible senders,
> put them into a hostlist and allow them to send to the restricted
> addresses (similar to the ACL for relay_from_hosts in the default config).
That's exactly what my routers do but on a domain basis -- the
domains.trusted is a list of all eligble senders host domains. Keeping
track of IPs is not desireable -- admin nightmare. Hence, I'm looking
for a way to do a ($sender_host_address <=> $sender_address_domain)
comparison lookup, a nslookup of sorts if you will.
> I don't really know what you mean here, but partial-lsearch is probably
> what you are looking for.
Yes, thanks -- I see it in section 9.6 now, perfect.
-te
--
Troy Engel | Systems Engineer
Fluid Inc. |
http://www.fluid.com
