Re: [exim] Restricting sending/receipt

Top Pagina
Delete this message
Reply to this message
Auteur: Cole Tuininga
Datum:  
Aan: exim-users
Onderwerp: Re: [exim] Restricting sending/receipt
On Thu, 2005-09-15 at 09:46 +0100, Tony Finch wrote:
> ${extract has a very loose interpretation of whitespace and = signs, so it
> can be easy to make a mistake (see section 11.5 of the spec) [1].
> I *suspect* that it is not parsing your domain list as a single ${extract
> item; you can check this by using exim -d+expand. Probably the right thing
> to do is to quote the domain list like this
>     bob:  "company.com : mail.company.com"

>
> You tried this
>     "bob:  company.com : mail.company.com"


This certainly makes sense to me, much more so than my own approach in
any case. 8)

Here's the problem. I can do this, but now outgoing acl considers the
quotes as a part of the item. As a reminder, the rule looks like this:

deny
    authenticated = *
    log_message   = Blocked message from restricted user
\"$authenticated_id\" to domain \"$domain\".  User restricted to sending
to
\"${lookup{$authenticated_id}dbm{/etc/exim4/restricted_accounts.db}}\".
    message       = You are not allowed to send outside of your domain
    condition     = ${if exists{/etc/exim4/restricted_accounts.db} }
  ! domains       = ${lookup {$authenticated_id} \
                      dbm {/etc/exim4/restricted_accounts.db} \
                      {$value} {*} }


This now will produce an error on outgoing mail from
bob@??? that looks like this:

2005-09-15 10:15:30 H=some.host.name [i.p.address]
F=<bob@???> rejected RCPT <bob@???>: Blocked
message from restricted user "bob" to domain "mail.company.com". User
restricted to sending to ""company.com : mail.company.com"".

Note that it has the quotes from the restricted_accounts file, and
therefore does not seem to interpret it as a list.

Any other thoughts?

--
In an open world without fences and walls,
who needs Gates and Windows?

Cole Tuininga
Lead Developer
Code Energy, Inc
colet@???
PGP Key ID: 0x43E5755D