Re: [exim] [patch] "do nothing" ACL modifier

Startseite
Nachricht löschen
Nachricht beantworten
Autor: W B Hacker
Datum:  
To: exim users
Betreff: Re: [exim] [patch] "do nothing" ACL modifier
David Woodhouse wrote:
> On Wed, 2007-02-07 at 15:14 -0800, John W. Baxter wrote:
>> On 2/7/07 8:53 AM, "David Woodhouse" <dwmw2@???> wrote:
>>
>>> Do we have to take the hackish approach of doing a lookup
>>> to check if we find the object we just tried to insert?
>> As one who wrote a (Python) script which now and then crashed our master
>> LDAP server (whichever server was the master at the time, and openLDAP) when
>> inserting a new user, I'm nervous about that approach. The script inserted
>> the data then immediately read some of it out to display as a result.
>>
>> After several needs to rebuild, I finally associated what I had just done
>> with the slapd crash which corrupted the database (fortunately without
>> inducing slurpd to send out the corruption to the other servers).
>>
>> I just put in a brief delay between writing the data and reading it back and
>> all was well. Then, of course, we rationalized our account creation and
>> stopped using the script...within about 6 weeks of the fix.
>
> That has to be a database bug. But even so, checking for success isn't
> good enough -- I want the damn error message for the logs.
>
> This helps...


*snipped* (long patch & SQL code illlustration for a new long illustraiton)

Ugly or elegant, such code seems unavoidable.

Absent far more extensive patching which might become SQL, and SQL 'flavor'
dependent, (opposed) - I am not sure there is anything more than pass/fail
returned - or 'returnable' (by Exim).

Ex: (line continuations modified to offset MUA re-wrap)

====

   # RCPT_2: IF Not Valid Recipient, THEN deny
   #
   deny
     !condition  = ${if ge{$acl_m0}{2}}
     set acl_m19 = ${lookup pgsql{SELECT pg_active from mailprof \
                   WHERE pg_active AND pg_domain='${quote_pgsql:$domain}' \
                   AND pg_local_part='${quote_pgsql:$local_part}'}}
     !condition  = ${if eq{$acl_m19}{t}}
     log_message = R2 No Valid Recipient - Jailed MAINDELAY seconds!
     set acl_c19 = ${lookup pgsql{INSERT into brownlist (pg_when, pg_why, \
                    pg_ip, pg_host, pg_where) \
                    VALUES \
                   ('$tod_log','NVR','$sender_host_address', \
                    '$sender_host_name', '$dnslist_domain')}}
     logwrite    = R2 C19 = $acl_c19
     delay      = MAINDELAYs
     message     = \n We do not recognize $local_part@$domain. \
                   \n Please check spelling and format of address.


====

Writes to the log: '...R2 C19 = 1' for a (each?) successful INSERT.

AFAIK, anything more detailed than a 'count' per each normal success or '0' for
none will *have to* rely on SQL code.

NB: Exim may already be set to log SQL errors of a structural or type-mismatch
nature. Tested by attempting a $tod_log into pg_ip.

Bill