On Tue, 2005-09-13 at 13:01 +0200, Jakob Hirsch wrote:
> This is a job for ACLs. Put the restricted addresses into a file and this
> into your RCPT ACL:
>
> deny senders = CFG/restricted
> ! domains = $sender_address_domain
> message = You are not allowed to send outside of your domain
A variation on this worked great - very much appreciated. For those
that are interested, my acl rule looks like this (improvement
suggestions accepted and appreciated!):
deny
authenticated = *
log_message = Blocked message from restricted user
"$authenticated_id\" to domain \"$domain\". User restricted to sending
to
\"${lookup{$authenticated_id}lsearch{/etc/exim4/restricted_accounts}}\".
message = You are not allowed to send outside of your domain
condition = ${if exists{/etc/exim4/restricted_accounts}}
! domains =
${lookup{$authenticated_id}lsearch{/etc/exim4/restricted_accounts}{$value}{*}}
(Sorry for the line wrapping)
> deny recipients = CFG/restricted
> ! sender_domains = $domain
> message = recipient is not allowed to receive from foreign domain
Here's the problem with this one - the email addresses are maps to
users. For instance, "bob@???" might map to local user
"company-bob". This makes it difficult to do this filtering within the
rcpt acl, unless I want to duplicate the mapping here.
I have a router that looks like this:
virtuals:
debug_print = "R: virtuals for $local_part@$domain"
driver = redirect
domains = !localhost : +local_domains
require_files = /etc/exim4/aliases/$domain
data = ${lookup{$local_part}lsearch*{/etc/exim4/aliases/$domain}}
no_more
Is there a way I can set up an acl to run only *after* this router has
been seen?
--
Those who live by the sword get shot by those who don't.
Cole Tuininga
Lead Developer
Code Energy, Inc
colet@???
PGP Key ID: 0x43E5755D
