Re: [exim] Integrate a service with exim

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: soumya tr
CC: exim-users
Subject: Re: [exim] Integrate a service with exim
On 2013-01-08 at 11:32 +0530, soumya tr wrote:
> How can I integrate a particular service with exim?
>
> In case of postfix I can add something like the one given below:
>
> ------------------
> check_policy_service inet:127.0.0.1:10032


That sends a bunch of key=value lines over a socket and reads back the
response; if you're writing the listening code yourself, you probably
want to use the ${readsocket ...} string expansion in an ACL, providing
the data you want and reading back the output.

For instance, in my /etc/exim/exim.conf I have "acl_smtp_rcpt =
acl_check_rcpt" and within acl_check_rcpt I have:

----------------------------8< cut here >8------------------------------
  defer   message       = $sender_host_address is not yet authorised to \
                          deliver mail from <$acl_m_core_sender> to \
                          <$local_part@$domain>.  Please try later.
          log_message   = greylisted
          condition     = ${if exists {/var/run/greylistd/socket}{yes}{no}}
          !hosts        = : +relay_from_hosts : \
                          ${if exists {/var/db/greylistd/whitelist-hosts}\
                                {/var/db/greylistd/whitelist-hosts}{}}
          !authenticated = *
          !dnslists     = list.dnswl.org : swl.spamhaus.org
          domains       = +local_domains
          condition     = ${readsocket{/var/run/greylistd/socket}\
                          {--grey \
                           $sender_host_address \
                           $acl_m_core_sender \
                           $local_part@$domain}\
                          {5s}{}{false}}
----------------------------8< cut here >8------------------------------


Because I have a twisted mind, that's simplified. I wanted to leave in
enough to show how to ignore greylisting for authenticated clients,
whitelisted IPs, etc. The part which is closest to the
"check_policy_service" is the second "condition" rule there.

(Oh, and $acl_m_core_sender is an ACL variable I define; it's easiest to
just use $sender_address instead, but I use greylisting which
understands BATV PRVS and a few other schemes, so I define
$acl_m_core_sender to strip away such things and let mailing-lists, etc,
only go through greylisting once.)

Does this give you enough to go on?
-Phil