Author: W B Hacker Date: To: exim users Subject: Re: [exim] Replicating an internal messaging system policy with Exim
Dave Lugo wrote: > On Sat, 11 Jun 2011, Nigel Metheringham wrote:
>>
>> However, in either a combined or a split out instances configuration,
>> the way you probably want to do this is by making the routers
>> conditional rather than applying additional filters, so
>>
>> # router for restricted domain - this domain can only send or be sent
>> # to itself
>> restricted_domain:
>> driver = accept
>> domains = restricted.doma.in
>> senders = *@restricted.doma.in
>> transport = local_restricted_delivery
>>
>> # router for other domains
>> other_domains:
>> driver = accept
>> domains = doma1.in : doma2.in # but not restricted.doma.in
>> senders = ! *@restricted.doma.in
>> transport = local_normal_delivery
>>
>> and use the same conditions on the general send-elsewhere router
>>
>
> Just wondering - any advantage to doing the restrictions in routers,
> vs in the rcpt acl?
>
>
Two: Not necessarily germane in all cases:
1) Avoids the need for an acl_not_smtp clause, should there be on-box
sending accounts, some forms of webmail, or other webish critters.
2) Less likely to go awry, and easier to troubleshoot with fewer places
to look.
One downside:
More likely to give rise to an unwanted bounce, as it takes place
post-smtp session. One simple acl could prevent that.
Personally, I agree with Nigel's post - simplest and least chance of
entanglement with rules for other traffic if done in a separate Exim
instance with its own configure file.