On Mon, 11 Feb 2008, Felix Erkinger wrote:
> hi, i'm trying to make a ACL condition which should check if the
> authenticated user is using email addresses out of a allowed list:
something like
deny
message = user $authenticated_id may not use sender address $sender_address
authenticated = *
! senders = ${lookup {$authenticated_id} lsearch {/etc/exim/email-per-user.txt} }
> I want to restrict email addresses used in the mail itself to be from an
> authenticated user if it is something inside our own domains (because
> some spam uses an forged from: address beside an correct envelope
> address like the address it is sending to as realname,emailaddress, so
> it shows up like sending some mail from you to you.
I think the following will do if. It's a bit tricky. The forall iterates
$item over the From: and Sender: addresses, and checks that every address
satisfies the following condition. The match_address checks that the item
appears in the user's list of permitted addresses.
deny
message = user $authenticated_id may not use sender address $sender_address
authenticated = *
! condition = ${if forall \
{<, ${addresses:>, $h_From:}, \
${addresses:>, $h_Sender:} } \
{ match_address \
{$item}{${lookup {$authenticated_id} \
lsearch {/etc/exim/email-per-user.txt} }} } }
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
