[exim-dev] [Bug 1062] increase the maximum recursion depth f…

Top Page
Delete this message
Reply to this message
Author: Simon Arlott
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1062] increase the maximum recursion depth for ACLs
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1062




--- Comment #17 from Simon Arlott <bugzilla.exim.simon@???> 2011-02-22 21:29:28 ---
(In reply to comment #14)
> Exim needs a real looping structure or al least remove the 20 nested ACL
> restriction.


You can do anything with ${sg...}:

This is a partial extract of an ACL condition used to check all MX hosts in
multiple blacklists:

deny
   set acl_m1      = ${lookup dnsdb{>|defer_never,mxh=$sender_address_domain}}
   !condition      = ${if eq{}{$acl_m1}}
   dnslists        = <; \
      ${sg{space separated list of blacklist domains which MUST NOT be empty}{
}{/<|\$acl_m1;}}/<|$acl_m1
   message         = MX $dnslist_matched for $sender_address_domain is
blacklisted by $dnslist_domain.\n$dnslist_text
   log_message     = dnslist-mx ($dnslist_matched)\
      ${map{<,$dnslist_value}{ \


${lookup{$dnslist_domain=$item}lsearch{/etc/exim/conf/blacklists}{$value}{$dnslist_domain/$item}}\
      }}


Note: if the inner list expands to "", Exim will check the list "" for the
hostname, which (if it has an A record) is then true. I have a lookup that uses
"localhost" if not found so that the dnslist lookup for "example.com.localhost"
returns NXDOMAIN.

See bug #458 for another example of looping with ${sg...}
(http://bugs.exim.org/show_bug.cgi?id=458#c16).


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email