Re: [exim] BATV and sender verification - non-local_domains …

Pàgina inicial
Delete this message
Reply to this message
Autor: David Woodhouse
Data:  
A: Odhiambo Washington
CC: exim-users, Christopher Meadors
Assumpte: Re: [exim] BATV and sender verification - non-local_domains situation
On Sat, 2007-12-15 at 11:47 +0300, Odhiambo Washington wrote:
> > For outbound traffic, you rewrite user@??? to whatever
> > BATV-mangled address you require as usual, and on the way back in you
> > mangle it back again. The machine on the inside never needs to know.
>
> Wait a moment! Now, there I am lost!
> Do you mean I need rewrite rules specifically for this task, or the
> BATV configuration with automagically handle this?
> I am clueless as what form my rewrite rules (if any) should take.


I'm not entirely sure how the BATV support in Exim is configured.

Mine is all still open-coded:
http://david.woodhou.se/eximconf/include/routers-ses

It looks mildly scary, but it's quite simple really. It does three
things:

1. If we're sending mail from a protected address such as
dwmw2@???, it rewrites the reverse-path to some magically
generated address instead.

2. If we receive a bounce (empty reverse-path¹) addressed to one of
those magically-generated addresses, it rewrites the destination back to
the original (i.e. dwmw2@???).

3. If we receive a bounce addressed to the original protected address,
it rejects it. (Actually, this is done elsewhere, in
http://david.woodhou.se/eximconf/include/acl-recipient )

I don't recall whether Exim's BATV support just gives you a simple
replacement for the scary regexes, or whether it's more comprehensive
than that.

--
dwmw2

¹ Actually for compatibility with broken mailers I also accept mail from
postmaster@* to the magic addresses; not _just_ bounces.