Re: [exim] BATV and sender verification - non-local_domains …

Author: David Woodhouse
Date:  
To: Odhiambo Washington
CC: exim-users, Christopher Meadors
Subject: Re: [exim] BATV and sender verification - non-local_domains situation
On Sat, 2007-12-15 at 11:47 +0300, Odhiambo Washington wrote:
> > For outbound traffic, you rewrite user@??? to whatever
> > BATV-mangled address you require as usual, and on the way back in you
> > mangle it back again. The machine on the inside never needs to know.
>
> Wait a moment! Now, there I am lost!
> Do you mean I need rewrite rules specifically for this task, or the
> BATV configuration will automagically handle this?
> I am clueless as to what form my rewrite rules (if any) should take.


I'm not entirely sure how the BATV support in Exim is configured.

Mine is all still open-coded:
http://david.woodhou.se/eximconf/include/routers-ses

It looks mildly scary, but it's quite simple really. It does three
things:

1. If we're sending mail from a protected address such as
dwmw2@???, it rewrites the reverse-path to some magically
generated address instead.

2. If we receive a bounce (empty reverse-path¹) addressed to one of
those magically-generated addresses, it rewrites the destination back to
the original (i.e. dwmw2@???).

3. If we receive a bounce addressed to the original protected address,
it rejects it. (Actually, this is done elsewhere, in
http://david.woodhou.se/eximconf/include/acl-recipient )

I don't recall whether Exim's BATV support just gives you a simple
replacement for the scary regexes, or whether it's more comprehensive
than that.

--
dwmw2

¹ Actually for compatibility with broken mailers I also accept mail from
postmaster@* to the magic addresses; not _just_ bounces.
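
The three steps listed in the message above, as an added illustration that is not part of the original message and is neither the contents of routers-ses nor Exim's own BATV support. The `sig=expiry=mac=local` tag layout, the secret, the lifetime and the addresses are all constructed for this sketch.

```python
import hashlib
import hmac

SECRET = b"constructed-demo-secret"   # assumption: site-wide signing key
PROTECTED = {"alice@example.org"}     # constructed protected address
LIFETIME_DAYS = 7                     # assumption: how long a tag stays valid


def _mac(address, expiry):
    data = f"{expiry}:{address}".encode()
    return hmac.new(SECRET, data, hashlib.sha256).hexdigest()[:12]


def sign_reverse_path(sender, today):
    """Step 1: give outbound mail from a protected address a signed reverse-path."""
    sender = sender.lower()
    if sender not in PROTECTED:
        return sender
    expiry = today + LIFETIME_DAYS
    local, domain = sender.rsplit("@", 1)
    return f"sig={expiry}={_mac(sender, expiry)}={local}@{domain}"


def route_inbound(reverse_path, recipient, today):
    """Steps 2 and 3: return (action, address) for one inbound recipient."""
    rcpt = recipient.lower()
    # Empty reverse-path, or postmaster@* as in the footnote's compatibility case.
    bounce = reverse_path == "" or reverse_path.lower().startswith("postmaster@")
    local, _, domain = rcpt.rpartition("@")
    if local.startswith("sig="):
        fields = local.split("=", 3)
        if len(fields) != 4 or not fields[1].isdecimal():
            return ("reject", rcpt)
        expiry, original = int(fields[1]), f"{fields[3]}@{domain}"
        valid = hmac.compare_digest(fields[2].encode(),
                                    _mac(original, expiry).encode())
        # Assumption: signed addresses accept only bounces, and only until expiry.
        if bounce and valid and today <= expiry and original in PROTECTED:
            return ("deliver", original)      # step 2: restore the original
        return ("reject", rcpt)
    if bounce and rcpt in PROTECTED:
        return ("reject", rcpt)               # step 3: unsigned bounce, forged sender
    return ("deliver", rcpt)
```

`today` is an integer day number passed in by the caller, so the expiry check is deterministic.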