[exim] BATV configuration

Pàgina inicial
Aquest missatge és part del següent fil:
M+-+\l'arbre de fils complet ordenat per data
MM\MM 
.MMDavid Saez Padros en ->
Delete this message
Reply to this message
Autor: Lars Nordin
Data:  
A: exim-users
Assumpte: [exim] BATV configuration
After working on configuring Exim for BATV for a while and running into some
problems, I wanted to pass on my configuration that got me working. Some of
the information out there is a little out of date and it may help someone
else to have a whole list of changes necessary.

I'm somewhat of Exim newcomer so some things may be wrong - corrections or
comments are welcome; most of this I have cobbled together from multiple
sources on the web. 

This setup is for the newer/newest draft of BATV where the format of the 
address is: prvs=kdddhhhhhh=LOCAL_PART@DOMAIN
This means that comments in the documentation about this stanza 
  deny    message       = Restricted characters in address
              domains       = +local_domains
              local_parts   = ^[.] : ^.*[@%!/|]
are no longer valid since BATV now uses '=' instead of '/'.


Note, one addition that I may make in the future is to add a check for the
number of recipients - real bounces go to only one destination. For automated
messages to multiple recipients with a null MAIL FROM, my configuration
below would block these; so a line with something like this: " !condition =
${if >{$rcpt_count}{1}}" would have to be added to the deny BATV unsigned
bounces paragraph.


# Main section
...
BATVKEY = something
... 



# ACLs
acl_check_rcpt:
   ...
  ## I put the BATV ACL at the end
  # check that BATV signature is valid
  deny    message       = invalid or expired BATV signature 
          # Match null sender messages (DSN)
          senders       = : 
          control       = caseful_local_part 
          condition     = ${prvscheck {$local_part@$domain}{BATVKEY}{1}} 
          !condition    = $prvscheck_result 
          control       = caselower_local_part 


  # deny BATV unsigned bounces
  deny    message       = bounce is not BATV signed  
          senders       = : 
          condition     = ${if !match{$local_part}{^prvs=}}




# Routers
begin routers
## put the BATV routers at the top
# I believe this so that outbound(non-local) mail is BATV signed
dnslookup_batv:
driver = dnslookup
condition = ${if match_domain{$sender_address_domain}{+local_domains}}
domains = ! +local_domains
transport = external_smtp_batv
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8

# I believe this so the recipient address would be decoded
batv_redirect:
driver = redirect
data = ${prvscheck {$local_part@$domain}{BATVKEY}}
...



# Transports
begin transports
...
# (believe that the placement of the transport stanza does not matter)
external_smtp_batv:
driver = smtp
return_path = ${prvs {$return_path}{BATVKEY}}
...

Aquest missatge es va enviar a les següents llistes de correu:
Exim-users
Informació sobre la llista de correu | Missatges propers		<-Re: [exim] Debian Exim PipeRe: [exim] BATV configuration->
Tahini and Hummus and Cumin Development Archives administrat per cumin AdminsLurker (versió 2.3)