Re: [exim] BATV and sender verification -non-local_domainssi…

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: Dave Evans
CC: exim-users
Subject: Re: [exim] BATV and sender verification -non-local_domainssituation
It's quite impolite to drop me from Cc when you're replying to something
I've said.

On Sat, 2007-12-15 at 13:44 +0000, Dave Evans wrote:
> On Sat, Dec 15, 2007 at 04:00:24AM -0500, David Woodhouse wrote:
> > I'm not entirely sure how the BATV support in Exim is configured.
> >
> > Mine is all still open-coded:
> > http://david.woodhou.se/eximconf/include/routers-ses
>
> I don't see any mention of "prvs"-anything in there (and, AFAICT from the Exim
> spec, BATV == the prvs* expansion items). However your config does talk about
> SRS, and (as far as I know) SRS and BATV are two completely separate things.


Nah, SRS and BATV are fairly similar in principle. They both rewrite
return addresses on the way out, and put them back how they were on the
way back in.

And yes, there's no mention of 'prvs'-anything because it's all
open-coded as I said. Exim was perfectly flexible enough to do this kind
of stuff even before Tony added the prvs helper stuff.

> I actually found that implementing prvs/BATV was fairly straightforward: two
> ACL chunks, one redirect router, and a transport option.
>
> > On Sat, 2007-12-15 at 11:47 +0300, Odhiambo Washington wrote:
> > > > For outbound traffic, you rewrite user@??? to whatever
> > > > BATV-mangled address you require as usual, and on the way back in you
> > > > mangle it back again. The machine on the inside never needs to know.
> > >
> > > Wait a moment! Now, there I am lost!
> > > Do you mean I need rewrite rules specifically for this task, or the
> > > BATV configuration with automagically handle this?
> > > I am clueless as what form my rewrite rules (if any) should take.
>
> Odhiambo: the rewriting / mangling is performed by a "redirect" router, not a
> rewrite rule.
>
> I'll happily share the relevant parts of my config, but I don't want to butt
> in on David if he was ready to help...


If you're using the prvs support then yours is probably more useful.
Mine shows that it's done in a router instead of a rewrite rule, but
yours should be easier to use as an example.

--
dwmw2