On 2006-11-19 at 09:10 -0800, Bill Moseley wrote:
> In a verify_only router is it possible to detect connection from
> non-local machines? Test that $sender_host_address is defined and
> doesn't equal 127.0.0.1 or the IP address(es) of the localhost?
The hostlist @[] has the IP addresses of the local host.
Personally, I'd put all the policy decisions together into an ACL
variable and check the ACL variable in a condition on the router.
Define it as a 'remote' match, so that you can just set it in an smtp
ACL and rely upon it not being set for non-SMTP.
One advantage of this is that you can change the definition in one place
and have it take effect everywhere; if you want to rename it to make
more sense for your changes, then it's easier to find, instead of having
to look at every check to see if the net result is to check the same
thing. So, if you want to change the policy later to be "not remote,
unless authenticated" you can do so more easily.
----------------------------8< cut here >8------------------------------
ACL_REMOTE=acl_m0
acl_smtp_rcpt = acl_check_rcpt
begin acl
acl_smtp_rcpt:
warn !hosts = : @[]
set ACL_REMOTE = remote
#... all the usual controls ...
begin routers
my_router:
driver = ...
condition = ${if !eq{$ACL_REMOTE}{remote}}
#....
----------------------------8< cut here >8------------------------------
-Phil