On Mon, 11 Dec 2006, Heiko Schlittermann wrote:
> Hello,
>
> the following ACL:
>
> trusted_host:
>
> accept condition = ${lookup{$tls_peerdn}lsearch{/etc/exim4/peers.tls}{yes}fail}
> verify = certificate
> logwrite = TRUSTED: certificate ($tls_peerdn)
>
>
> With the above lookup it seems as if this acl returns "accept" even in
> cases where the lookup fails. As soon as I replace "fail" with "{no}"
> it works as expected.
>
> Is it just a trap, a bug or a feature?
Feature.
condition = <string>
This feature allows you to make up custom conditions. If the result
of expanding the string is an empty string, the number zero, or one
of the strings no or false, the condition is false. If the result is
any non-zero number, or one of the strings yes or true, the
condition is true. For any other value, some error is assumed to
have occurred, and the ACL returns defer. However, if the expansion
is forced to fail, the condition is ignored. The effect is to treat
it as true, whether it is positive or negative.
--
Philip Hazel University of Cambridge Computing Service
Get the Exim 4 book: http://www.uit.co.uk/exim-book
