Re: [exim] Re: Problem with prvs functions

Auteur: Tom Kistner
Date:
À: Brian Candler
CC: exim-users
Sujet: Re: [exim] Re: Problem with prvs functions

Brian Candler wrote:

> So, the only way I can think of to get a sensible answer out of this is:
>
> # exim -d+expand -be '${prvscheck {prvs=brian/19844dfc9a@???}{foobar}{0}}$prvscheck_result'
>
> which returns "0" for failure and "01" for success (yuk).

I overlooked this. I presume you want to check for validity in the
router section? I don't do that. My use case is this:

a) Block stuff in ACLs

# Bounces: drop unsigned addresses for BATV senders
       deny message = This address does not send an unsigned reverse path.
            senders = :
            recipients = +batv_recipients

       # Bounces: In case of prvs-signed address, check signature.
       deny message = Invalid reverse path signature.
            senders = :
            condition = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{1}}
            !condition = $prvscheck_result

b) If any prvs encoded address has made it past the ACLs, it deserves to
be redirected to its original address:

batv_redirect:
         driver = redirect
         data = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{}}

/tom

Ce message fait partie du fil suivant :
	Arborescence complète du fil triée par date
	Tom Kistner à
	Brian Candler à