On Thursday 07 June 2007 18:09, Mike Cardwell wrote:
> The messy recursive acl seen earlier in this thread was only necessary
> because the ${forall} function never existed when I wrote it. A much
> cleaner acl would be possible now. However, I can't be arsed to
> install the latest version of exim in order to get access to these
> functions just to prove a point.
What buggers me is that $header_* doesn't unwrap header fields. It would
have been the right thing to do, IMO, since $header_* is "high-level".
It sabotages list operations a bit. Fortunately, it's pretty easy to do
the unwrapping yourself: ${sg {$h_Received:}{\n([ \t])}{\$1}} (\$1 can
in practice be replaced with a space).
Referring to
http://exim.org/mail-archives/exim-users/Week-of-Mon-20070212/msg00184.html,
here is what we get (line-continuation backslashes omitted):
warn set acl_m0 =
${filter
{<\n${map
{<\n${sg {$h_Received:}{\n[ \t]}{ }}}
${if match{$item}{\N^[^\[]+\[([^\]]+)\]\N}
{${if and{{match{$1}{{\N^\d{1,3}(\.\d{1,3}){3}$\N}}}
{!match_ip{$1}{+private_networks}}}
{${lookup dnsdb
{txt=<,{${sg{$1}
{\N^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$\N}
{\$4.\$3.\$2.\$1.zz.countries.nerd.dk}}]}
{${uc:$value}}{UNKNOWN}}}}}}}}
def:item}
Well, that was hardly any more readable, and still doesn't give the
same result (what differs is left as an excercise to the reader).
Perhaps it's better to be a bit less lispish:
warn set acl_m0 = ${sg {$h_Received:}{\n[ \t]}{ }}
set acl_m0 = ${map {<\n$acl_m0} \
{${if match{$item}{\N^[^\[]+\[([^\]]+)\]\N}{$1}}}}
set acl_m0 = ${filter {<\n$acl_m0} \
{${if and{{match{$item}{{\N^\d{1,3}(\.\d{1,3}){3}$\N}}} \
{!match_ip{$item}{+private_networks}}}}}}
set acl_m0 = ${map {<\n$acl_m0} \
{${sg{$1}{\N^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$\N} \
{\$4.\$3.\$2.\$1.zz.countries.nerd.dk}}}}
set acl_m0 = ${map {<\n$acl_m0} \
${lookup dnsdb {<,$acl_m0}{${uc:$value}}{UNKNOWN}}
(All braces reserved.)
--
Magnus Holmgren holmgren@???
(No Cc of list mail needed, thanks)
