Re: [exim] Deny/accept based on MySQL user lookup

Góra strony
Delete this message
Reply to this message
Autor: Rick Duval
Data:  
Dla: exim users
Temat: Re: [exim] Deny/accept based on MySQL user lookup
Excuse this missing reply, I know you've replied to this (saw it on
the exim-users.org forums website but when I try to register the link
is broken).

I think perhaps I've been a little unclear about my setup.

I run 2 Exim instances and Mailscanner on the same machine. One Exim
instance is incoming, the other is outgoing (pick up emails that pass
mailscanners inspection and forward them on).

The first Exim instance (the one I'm trying to deal with at the
moment) just accepts or rejects mail. If it is accepted it merely
"queues" the mail into a directory where mailscanner looks and
processes it. There are no local mailboxes and therefore nothing to
"verify = recipients" against.

The only qualification for acceptance at the moment (and queueing for
MailScanner) is if the domain exists in a MySQL database. I'd like to
expand on that so that the entire address (local part + domain) exists
in the MySQL database and each incoming email is checked against the
database.

Currently acceptance of emails is accomplished through populating the
"local_domains" list from the MySQL db with the statement

"domainlist local_domains = ${lookup mysql {SELECT DISTINCT domain
FROM domains WHERE Enabled = 1 and domain='${quote_mysql:$domain}'}} "

Is there no way to populate a "local_recipient" list in the same
manner as the above line populates the "local_domains" list so that
"verify = recipient" would work? If not, how can this be accomplished.



On Mon, Nov 10, 2008 at 12:28 PM, W B Hacker <wbh@???> wrote:
> Rick Duval wrote:
>> I have a passthru spam filter using mailscanner and Exim as the MTA's
>>
>> I'm already looking up domains that the system will accept mail for by
>> populating the domainlist with:
>>
>> domainlist local_domains = ${lookup mysql {SELECT DISTINCT domain FROM
>> domains WHERE Enabled = 1 and domain='${quote_mysql:$domain}'}}
>>
>> and then futher down using
>>
>>   require message = relay not permitted
>>            domains = +local_domains

>>
>> Can I do this on a per address level as well? I get so much spam to
>> non-existent addresses that I'd like to stop at the front door.
>>
>
> Sure hope so! And it is an easy one...
>
>> Thanks, I'm a Newbie at Exim
>>
>
> IF you want an SQL select instead of the less-resource hungry
>
> require verify = recipient
>
> Which can make sense if your routers are also doing SQL SELECTS and
> potentially more of them, even for a verify pass, THEN try:
>
> deny
>  set acl_m19 = ${lookup pgsql{SELECT pg_active from mailprof \
>                WHERE pg_active AND pg_domain='${quote_pgsql:$domain}'  \
>                AND pg_local_part='${quote_pgsql:$local_part}'}}
>     !condition  = ${if eq{$acl_m19}{t}}

>
>
> In which:
>
> - acl_m is legacy. there are now other ways to 'trigger' an SQL call
>
> - mailprof(ile) is the relation.
>
> - pg_active is a boolean flag for active account (or not)
>
> - pg_domain and pg_local_part should be obvious
>
> - we don't want the data - only to know it was matched.
>
> - the 'pg_' fieldname prefix just helps me remember which part is a DB
> field and which part is an Exim variable.
>
> - You can change 'pgsql' to 'mysql' Or not.
>
> This should work unaltered with MySQL save for your relation and field
> names. So long as none of the 'special' features of either DBMS are
> used within, neither Exim nor RDBMS otherwise care.
>
> HTH,
>
> Bill
>
> --
> ## List details at http://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
> --
> This message has been scanned for
> viruses and dangerous content by
> Accurate Anti-Spam Technologies
> and is believed to be clean.
>
>