Re: [exim] Exim and SRS in ACL?

Top Page
Delete this message
Reply to this message
Author: Juergen Weiss
Date:  
To: exim-users
Subject: Re: [exim] Exim and SRS in ACL?
This seems to work:

${sg{$sender_address}{\N^[sS][rR][sS]0=[^=]+=[^=]+=([^=]+)=(.+)@[^@]+$\N}{\$
2@\$1}}

This replaces the string of the sender_address into the original sender
address.
If thats not a SRS address it is left as it is.


Any suggestions on this?


Juergen


-----Ursprüngliche Nachricht-----
Von: exim-users-bounces@??? [mailto:exim-users-bounces@exim.org] Im
Auftrag von Juergen Weiss
Gesendet: Freitag, 29. Dezember 2006 13:16
An: exim-users@???
Betreff: Re: [exim] Exim and SRS in ACL?


Yes, i want to "look inside" to see the real sending address for my
whitelisting filters.
For example, the encoded SRS sender changes after some time (SRS time) so i
am not able to whitelist such a address. So i try to change the address back
to its roots and then proceed with that sender_address in eg. $acl_m5 with
my spamfilter.

I know if that address is encrypted i cannot decrypt it - thats ok in that
matter and my users need to live with that if the other provider needs to
make it too high security against email fakers.
I found that GMX for example is sending the emails in a plain text format,
maybe just to avoid SPF issues:
srs0=6msm=gh=juwei.de=mail@???

So i will try to make a regex string for the transformation as chris said.

Regards,
Juergen


-----Ursprüngliche Nachricht-----
Von: Chris Lightfoot [mailto:chris@sphinx.mythic-beasts.com] Im Auftrag von
Chris Lightfoot
Gesendet: Freitag, 29. Dezember 2006 12:59
An: Heiko Schlittermann
Cc: exim-users@???
Betreff: Re: [exim] Exim and SRS in ACL?

On Fri, Dec 29, 2006 at 12:49:59PM +0100, Heiko Schlittermann wrote:
> Helo Jürgen,
>
> Juergen Weiss <mail@???> (Fr 29 Dez 2006 12:41:49 CET):
> ...
> > Is there an implementation in exim to decode this rewritten addresses ?
> > For example convert it back to the originally sender_address.
>
> It *is* the original sender address, other addresses for the sender
> should/could be invalid.


Presumably Jurgen wants to `look inside' the rewritten sender in case the
original sender gives some information which is useful to (e.g.) a spam
filter. For instance, you might imagine wanting to do sender verification on
the original sender address. As you say, you can't do this in general since
some sites may use opaque tokens or sui generis formats for the rewritten
sender addresses, but for the implementation described here:
    http://www.openspf.org/SRS
you can do the reverse transformation with a regex substitution.


Are people seeing a lot of SRS in the wild? A quick census of my mail
suggests <0.1% SRS for both real mail and spam.

--
``When I am right, I get angry. Churchill gets angry when he's wrong.
So we were often angry at each other.'' (Charles De Gaulle)

--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/



--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/