Anyone?
Best regards,
Martijn Grendelman
Martijn Grendelman schreef:
> Hi,
>
> I need some help on a sender verification issue, that arises in
> combination with recipient rewriting.
>
> In short:
>
> Envelope-to rewriting isn't done when performing sender verification, so
> when an incoming message has a "local" sender, which would otherwise be
> rewritten, rewriting does not take place, so routing -and therefore
> verification- fails.
>
> What should I do to make address verification succeed on addresses that
> can only be routed after rewriting? See below for the things I have tried.
>
> The only thing I can think of, that I haven't done yet, is to rewrite
> the sender of the message using the same rule. Can this be done _only_
> for verification? I'm not sure I want the sender address to be rewritten
> when delivering mail.
>
> The long version:
>
> I had a rewrite rule like this:
>
> *@* "${local_part}@${lookup mysql {MYSQL_REWRITE}{$value}{$domain}}" T
>
> with MYSQL_REWRITE being:
>
> SELECT todomain FROM rewrite WHERE fromdomain='${quote_mysql:$domain}'
>
> ..to rewrite the envelope-to on incoming messages. All quite simple, and
> mail delivery works like a charm.
>
> However, when an incoming message has a sender address, that is local to
> my server and that would be rewritten by the rule above, sender
> verification (from the RCPT ACL) fails. It appears that the address
> isn't rewritten before the verification and during verification, the
> original address is passed through routing, which fails.
>
> Then I read in the spec (31.2):
>
> "Similarly, at the start of an ACL for RCPT, the current recipient’s
> address may have been rewritten by a special SMTP-time rewrite rule, but
> no ordinary rewrite rules have yet been applied to it."
>
> Clear, so I changed the rewrite rule to:
>
> \N^(.*)@(.*)$\N "$1@${lookup mysql {MYSQL_REWRITE}{$value}{$2}}" TS
>
> and the lookup query to:
>
> SELECT todomain FROM rewrite WHERE fromdomain='${quote_mysql:$2}'
>
> to make rewriting take place before the ACL is run, but that still
> doesn't work.
>
> Testing with 'exim -d -bvs' still shows it is trying to route the
> unrewritten address, where 'exim -d -bt' shows rewriting is done on
> delivery just fine.
>
> I don't want to go down the road of sender address rewriting, if not
> absolutely necessary. My gut tells me this shouldn't really be
> necessary, but I'm kind of stuck here...
>
> Thanks for any advice,
> Martijn.
>
