[exim] BATV configuration

Page principale
Ce message fait partie du fil suivant :
M+-+\Arborescence complète du fil triée par date
MM\MM 
.MMDavid Saez Padros à ->
Supprimer ce message
Répondre à ce message
Auteur: Lars Nordin
Date:  
À: exim-users
Sujet: [exim] BATV configuration
After working on configuring Exim for BATV for a while and running into some
problems, I wanted to pass on my configuration that got me working. Some of
the information out there is a little out of date and it may help someone
else to have a whole list of changes necessary.

I'm somewhat of Exim newcomer so some things may be wrong - corrections or
comments are welcome; most of this I have cobbled together from multiple
sources on the web. 

This setup is for the newer/newest draft of BATV where the format of the 
address is: prvs=kdddhhhhhh=LOCAL_PART@DOMAIN
This means that comments in the documentation about this stanza 
  deny    message       = Restricted characters in address
              domains       = +local_domains
              local_parts   = ^[.] : ^.*[@%!/|]
are no longer valid since BATV now uses '=' instead of '/'.


Note, one addition that I may make in the future is to add a check for the
number of recipients - real bounces go to only one destination. For automated
messages to multiple recipients with a null MAIL FROM, my configuration
below would block these; so a line with something like this: " !condition =
${if >{$rcpt_count}{1}}" would have to be added to the deny BATV unsigned
bounces paragraph.


# Main section
...
BATVKEY = something
... 



# ACLs
acl_check_rcpt:
   ...
  ## I put the BATV ACL at the end
  # check that BATV signature is valid
  deny    message       = invalid or expired BATV signature 
          # Match null sender messages (DSN)
          senders       = : 
          control       = caseful_local_part 
          condition     = ${prvscheck {$local_part@$domain}{BATVKEY}{1}} 
          !condition    = $prvscheck_result 
          control       = caselower_local_part 


  # deny BATV unsigned bounces
  deny    message       = bounce is not BATV signed  
          senders       = : 
          condition     = ${if !match{$local_part}{^prvs=}}




# Routers
begin routers
## put the BATV routers at the top
# I believe this so that outbound(non-local) mail is BATV signed
dnslookup_batv:
driver = dnslookup
condition = ${if match_domain{$sender_address_domain}{+local_domains}}
domains = ! +local_domains
transport = external_smtp_batv
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8

# I believe this so the recipient address would be decoded
batv_redirect:
driver = redirect
data = ${prvscheck {$local_part@$domain}{BATVKEY}}
...



# Transports
begin transports
...
# (believe that the placement of the transport stanza does not matter)
external_smtp_batv:
driver = smtp
return_path = ${prvs {$return_path}{BATVKEY}}
...

Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] Debian Exim PipeRe: [exim] BATV configuration->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)