[exim] BATV implementation

Author: Craig Jackson
Date:  
To: exim-users
Subject: [exim] BATV implementation
Hi,

I am trying to implement BATV with Exim 4.67 and I'd like to run this
past you before I save the config and -HUP the daemon. I have user local
parts listed in a MySQL database with a column called use_batv_key; 0
means don't sign, 1 means sign. I have the following lines in the config
file. Does there appear to be any problem below? Helpful comments?

It'll be great not to have to monitor nullsenders anymore.

Thanks.
Craig

Main section:
BATVKEY = longlistofalphanumericcharacters
BATV_USERS = SELECT recipient FROM users WHERE use_batv_key = '1'
BATV_CHECK = SELECT recipient FROM users WHERE recipient = '${quote_mysql:$prvscheck_address}' LIMIT 1
# Named list of local parts whose outgoing return path gets signed
localpartlist batv_list = ${sg {${lookup mysql{BATV_USERS}}}{\n}{:}}

Rcpt acl section:
# Bounces for signed return-path
# (batv_list is a localpartlist, so it is matched with local_parts)
  deny    message = Return address must be signed for this address.
          senders = :
          local_parts = +batv_list
# Bounces for signed return-path prvscheck
  deny    message = Invalid reverse path signature.
          senders = :
          control = caseful_local_part
          condition  = ${prvscheck {$local_part@$domain}{BATVKEY}{1}}
          !condition = $prvscheck_result
# Verify signed return-path bounces.
  accept  message = User account unknown or disabled
          senders = :
          control = caseful_local_part
          condition  = ${prvscheck {$local_part@$domain}{BATVKEY}{1}}
          domains = +local_domains
          endpass
          local_parts = ${lookup mysql{BATV_CHECK}}


Routers section:
# Located before the primary remote smtp router for non-signed return-path
batv_dns:
  driver = dnslookup
  domains = ! +local_domains
  condition = ${if match_local_part{$sender_address_local_part}{+batv_list}{1}{0}}
  transport = batv_smtp
  headers_remove = X-NOMAIL-Limit : Received
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
# Located before local delivery routers
batv_redirect:
  driver = redirect
  # Router option form of the ACL's "control = caseful_local_part"
  caseful_local_part = true
  condition = ${prvscheck {$local_part@$domain}{BATVKEY}{1}}
  data = ${prvscheck {$local_part@$domain}{BATVKEY}}

Transports section:
batv_smtp:
driver = smtp
return_path = ${prvs {$return_path}{BATVKEY}}
delay_after_cutoff = false
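
An added example, not part of the message above and not Exim's own code: a small Python model of the decisions the RCPT ACL makes for a bounce (null sender), useful for seeing why an unsigned, forged, expired or case-altered recipient is refused. The tag layout prvs=KDDDSSSSSS=address, the truncated HMAC-SHA1, the 7-day lifetime, the key and all function names are assumptions for illustration, and the output is not guaranteed to match the bytes Exim produces.

```python
import hashlib
import hmac
import re

KEY = b"constructed-demo-key"   # constructed stand-in for BATVKEY
LIFETIME_DAYS = 7               # assumed validity window for a signed address
PRVS_RE = re.compile(r"^prvs=(\d)(\d{3})([0-9a-f]{6})=(.+@.+)$", re.I)

def day_stamp(now, offset=0):
    """Day number modulo 1000, as carried in the DDD field of the tag."""
    return (int(now) // 86400 + offset) % 1000

def tag(address, key, key_num, day):
    """Assumed tag: first 6 hex digits of HMAC-SHA1 over K + DDD + address."""
    msg = f"{key_num}{day:03d}{address}".encode()
    return hmac.new(key, msg, hashlib.sha1).hexdigest()[:6]

def prvs_sign(address, key, now, key_num=0):
    """Build prvs=KDDDSSSSSS=address with DDD set to the expiry day."""
    day = day_stamp(now, LIFETIME_DAYS)
    return f"prvs={key_num}{day:03d}{tag(address, key, key_num, day)}={address}"

def prvs_check(rcpt, key, now):
    """Return (original_address, valid); (None, False) if rcpt is unsigned."""
    m = PRVS_RE.match(rcpt)
    if not m:
        return None, False
    key_num, day, sig, address = m.group(1), int(m.group(2)), m.group(3), m.group(4)
    # The address is hashed exactly as received, so its case matters.
    good = hmac.compare_digest(sig.lower(), tag(address, key, key_num, day))
    # Expiry day must be today or at most LIFETIME_DAYS ahead (mod 1000).
    fresh = (day - day_stamp(now)) % 1000 <= LIFETIME_DAYS
    return address, good and fresh

def bounce_rcpt_decision(rcpt, batv_users, key, now):
    """Model the ACL's signature decisions for a null-sender RCPT (no user lookup)."""
    address, valid = prvs_check(rcpt, key, now)
    if address is None:
        local_part = rcpt.rsplit("@", 1)[0]
        if local_part in batv_users:
            return "deny: return address must be signed"
        return "accept: unsigned recipient, not a BATV user"
    if not valid:
        return "deny: invalid reverse path signature"
    return "accept: deliver to " + address
```

The case-altered recipient fails because the hash covers the address as sent, which is the reason the ACL sets caseful_local_part before calling prvscheck.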