Re: [exim] Re: Problem with prvs functions

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Tom Kistner
Dátum:  
Címzett: Brian Candler
CC: exim-users
Tárgy: Re: [exim] Re: Problem with prvs functions
Brian Candler wrote:

> So, the only way I can think of to get a sensible answer out of this is:
>
> # exim -d+expand -be '${prvscheck {prvs=brian/19844dfc9a@???}{foobar}{0}}$prvscheck_result'
>
> which returns "0" for failure and "01" for success (yuk).


I overlooked this. I presume you want to check for validity in the
router section? I don't do that. My use case is this:

a) Block stuff in ACLs

# Bounces: drop unsigned addresses for BATV senders
       deny message = This address does not send an unsigned reverse path.
            senders = :
            recipients = +batv_recipients


       # Bounces: In case of prvs-signed address, check signature.
       deny message = Invalid reverse path signature.
            senders = :
            condition = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{1}}
            !condition = $prvscheck_result



b) If any prvs encoded address has made it past the ACLs, it deserves to
be redirected to its original address:

batv_redirect:
         driver = redirect
         data = ${prvscheck {$local_part@$domain}{PRVSCHECK_SQL}{}}


/tom