On 2010-10-01 at 16:25 -0700, Todd Lyons wrote:
> Ok, so here is the logic I am using:
>
> 1. If user is using SMTP Auth, the first From: header address must
> match the authenticated address, thus use the authenticated address to
> generate signing domain.
> 2. If user is sending via webmail then use the first address in the
> From header (tests for a webmail header and from a webmail hostlist
> are done elsewhere in an acl and router) to generate the signing
> domain
To rephrase:
if condition:
use value which must be equal to the first From: address
else:
use the first From: address
Which reduces to:
use the first From: address
which is:
${sg{${addresses:$h_from:}}{:.*}{}}
and then the ${local_part:...} and ${domain:...} expansion operators to
extract from that.
-Phil