D. Dante Lorenso wrote:
> I don't understand what's happening with my exim Macros:
>
> [server]/var/log/exim> exim -bV
> Exim version 4.67 #1 built 28-Apr-2007 13:50:49
> ...
> Configuration file is /etc/exim/exim.conf
>
> I do several includes in order to configure Exim for my different
> machines. The include order is something like this:
>
> - /etc/exim/exim.conf
> ....- /etc/exim/exim/exim.conf
> ........- /etc/exim-host.conf * define host-specific macros *
> ........* define generic macros based on host-specific ones *
> ............- /etc/exim/exim/acl/helo.conf (acl_smtp_helo=)
> ............- /etc/exim/exim/acl/mail.conf (acl_smtp_mail=)
> ............- /etc/exim/exim/acl/rcpt.conf (acl_smtp_rcpt=)
> ............- /etc/exim/exim/acl/data.conf (acl_smtp_data=)
> ............- /etc/exim/exim/acl/mime.conf (acl_smtp_mime=)
> ....- /etc/exim/exim/routers.conf
> ....- /etc/exim/exim/transports.conf
> ....- /etc/exim/exim/authenticators.conf
>
> Inside the /etc/exim/exim/exim.conf file, I define macros like this:
>
> X_FILE_LOOKUP_BLOCKED_IPS=/etc/exim/exim/lookup/blocked-ips.txt
>
> But later when I try to use this macro, it doesn't seem to work. Here
> is my rule inside the /etc/exim/exim/acl/rcpt.conf file:
>
> # blocked IP address
> deny message = Rejected: $sender_host_address is in a local blacklist.
> hosts = net-iplsearch;X_FILE_LOOKUP_BLOCKED_IPS
> log_message = bad ip address $sender_host_address
>
> And here is the error message I get in the /var/log/exim/main.log:
>
> 2007-10-25 14:19:54 failed to open X_FILE_LOOKUP_BLOCKED_IPS
> for linear search: No such file or directory
>
> It doesn't appear that macro expansion is happening or that the macro
> was properly defined during the previous include. What's going on?
Here is something that I noticed and was able to change to make the
problem suddenly go away. I still don't understand why.
I used to define the ACL rules like this:
---------- 8< ----------
# acl checks
acl_not_smtp = accept
acl_smtp_auth = accept
acl_smtp_mailauth = accept
acl_smtp_starttls = accept
acl_smtp_etrn = deny
acl_smtp_expn = deny
acl_smtp_vrfy = deny
acl_smtp_connect = accept
acl_smtp_helo = /etc/exim/exim/acl/helo.conf
acl_smtp_mail = /etc/exim/exim/acl/mail.conf
acl_smtp_rcpt = /etc/exim/exim/acl/rcpt.conf
acl_smtp_predata = accept
acl_smtp_data = /etc/exim/exim/acl/data.conf
acl_smtp_mime = /etc/exim/exim/acl/mime.conf
---------- 8< ----------
And with the ACLs defined as file names to the ACL configs, that did NOT
work with my macros. I then changed the rules to look like this:
---------- 8< ----------
# acl checks
acl_not_smtp = accept
acl_smtp_auth = accept
acl_smtp_mailauth = accept
acl_smtp_starttls = accept
acl_smtp_etrn = deny
acl_smtp_expn = deny
acl_smtp_vrfy = deny
acl_smtp_connect = accept
acl_smtp_helo = acl_helo
acl_smtp_mail = acl_mail
acl_smtp_rcpt = acl_rcpt
acl_smtp_predata = accept
acl_smtp_data = acl_data
acl_smtp_mime = acl_mime
begin acl
acl_helo:
.include /etc/exim/exim/acl/helo.conf
acl_mail:
.include /etc/exim/exim/acl/mail.conf
acl_rcpt:
.include /etc/exim/exim/acl/rcpt.conf
acl_data:
.include /etc/exim/exim/acl/data.conf
acl_mime:
.include /etc/exim/exim/acl/mime.conf
---------- 8< ----------
Suddenly my macros are working again inside the ACL sections. Can
anyone explain that?! Apparently defining the ACL with a file name
causes a different behavior with regards to the variable namespace or
caching or something.
Perhaps by using .include to load the ACL code it forces the ACLs to
load AFTER the macros but by using the acl=filename that causes the ACLs
to load BEFORE the macros? That's my best guess.
-- Dante
