On Thu, 14 Feb 2008, Felix Erkinger wrote:
>
> btw.: is there a possibility to make the error message more informativ
> (eg. what address item was rejected) ?
The condition I gave you before was designed to cope with the unusual case
of messages that have more than one address in the From: field. If you
reject messages with more than one From: address then you don't need to
use the forall{}{} condition. You can instead test each address separately
and produce a more specific error message. (This has the slight
disadvantage of making the checks a bit repetitive, but the advantage of
making them simpler.)
In many cases it is reasonable to ask for replies to be sent to addresses
at remote domains, for example, I set a Reply-To: header on my posts to
this list. It is also OK (and, unlike From:, fairly common) to have more
than one address in the Reply-To: field. It's even reasonable to set
Reply-To: to multiple addresses at different domains, for example, if I
send out a party invitation and ask the recipients to RSVP to me and my
wife. On the other hand, your local situation might make it sendible to
have a strict policy, so you could treat Reply-To: in the same way as
From:.
# use a macro to make the checks less repetitive
USER_ADDRS= ${lookup {$authenticated_id} \
lsearch {/etc/exim4/email-per-user.txt} }
deny
message = "more than one address in From: line"
authenticated = *
condition = ${if match{@.*@}{$h_From:} }
deny
message = "user $authenticated_id may not use sender address $sender_address"
authenticated = *
! condition = ${if match_address{$sender_address}{USER_ADDRS} }
deny
message = "user $authenticated_id may not use From: address ${address:$h_From:}"
authenticated = *
! condition = ${if match_address{${address:$h_From:}}{USER_ADDRS} }
# etc.
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}
