Re: [exim] Re: Problem with prvs functions

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMTom Kistner at <-
MBrian Candler at ->
Delete this message
Reply to this message
Author: Tom Kistner
Date:  
To: Brian Candler
CC: exim-users
Subject: Re: [exim] Re: Problem with prvs functions
Brian Candler wrote:

> So, the only way I can think of to get a sensible answer out of this is:
>
> # exim -d+expand -be '${prvscheck {prvs=brian/19844dfc9a@???}{foobar}{0}}$prvscheck_result'
>
> which returns "0" for failure and "01" for success (yuk).

I overlooked this. I presume you want to check for validity in the
router section? I don't do that. My use case is this:

a) Block stuff in ACLs 

# Bounces: drop unsigned addresses for BATV senders
       deny message = This address does not send an unsigned reverse path.
            senders = :
            recipients = +batv_recipients


       # Bounces: In case of prvs-signed address, check signature.
       deny message = Invalid reverse path signature.
            senders = :
            condition = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{1}}
            !condition = $prvscheck_result



b) If any prvs encoded address has made it past the ACLs, it deserves to
be redirected to its original address: 

batv_redirect:
         driver = redirect
         data = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{}}


/tom


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] Re: Problem with prvs functionsRe: FW: Re: [exim] Easy Disclaimers with Exim?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)