[exim] Is there any way to get exim to display the exapnded …

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Ritchie P. Fraser
Dátum:  
Címzett: exim-users@exim.org
Tárgy: [exim] Is there any way to get exim to display the exapnded list returned from a pgsql lookup?
Hi again,

Is there any way to get exim to display the expanded list returned from a pgsql lookup?
                I have put the sql directly into PgAdmin II and get a list returned as expected...
                I would like to see exim show me what it is comparing against in the inlist{}{} test to help me understand why both senarios (below) behave the way the do.


Have I done something REALLY stupid like missed curly braces in the condition = statement?

                I have tried the following:
                condition     = ${if inlist{$sender_address_domain}{+our_sql_maildomains}{false}{true}}
                condition     = ${if !inlist{$sender_address_domain}{+our_sql_maildomains}{true}{false}}
                condition     = ${if !inlist{$sender_address_domain}{+our_sql_maildomains}}
                !condition     = ${if inlist{$sender_address_domain}{+our_sql_maildomains}{true}{false}}
                !condition     = ${if inlist{$sender_address_domain}{+our_sql_maildomains}}


In /etc/exim/macros.conf...

                OUR_SQL_MAILDOMAINS = pgsql;SELECT name FROM maildomains WHERE status=true;


In /etc/exim/exim.conf...

                domainlist our_sql_maildomains = OUR_SQL_MAILDOMAINS


                acl_check_rcpt:
                accept   message       = ACCEPT 1 [ HOST $sender_host_address ] [ FROM $sender_address_local_part at $sender_address_domain ] [ TO $local_part at $domain ]
                                ...
                                condition     = ${if inlist{$sender_address_domain}{+our_sql_maildomains}{false}{true}}


                (NOTE: the {false}{true} is deliberately juxtaposed here - we want to test if the sender domain IS NOT one of OUR DOMAINS)


If I test this using "exim -bh 192.168.0.115"

Senario 1
mail from: someone@NOT_our_company.co.uk
rcpt to: name@our_company.co.uk

Output AFTER MAIL FROM: and RCPT TO: commands

                mail from: someone@NOT_our_company.co.uk
                250 OK
                rcpt to: name@our_company.co.uk
                >>> using ACL "acl_check_rcpt"
                >>> processing "accept"
                >>> check local_parts = +our_sql_localpart_aliases
                >>> ...
                >>> ... other test output...
                >>> ...
                >>> check condition = ${if inlist{$sender_address_domain}{+our_sql_maildomains}{false}{true}}
                >>>                 = true
                >>> accept: condition test succeeded in ACL "acl_check_rcpt"
                250-ACCEPT 1 [ HOST 192.168.0.115 ] [ FROM someone@NOT_our_company.co.uk] [ TO name
                250 at ourcompany.co.uk ]


RESULT : Accepted as expected.

Senario 2

mail from: someone@NOT_our_company.co.uk
rcpt to: name@our_company.co.uk

Output AFTER MAIL FROM: and RCPT TO: commands

                mail from: name@our_company.co.uk  <=== Note this time FROM within our own company!
                250 OK
                rcpt to: name@our_company.co.uk
                >>> using ACL "acl_check_rcpt"
                >>> processing "accept"
                >>> check local_parts = +our_sql_localpart_aliases
                >>> ...
                >>> ... other test output...
                >>> ...
                >>> check condition = ${if inlist{$sender_address_domain}{+our_sql_maildomains}{false}{true}}
                >>>                 = true
                >>> accept: condition test succeeded in ACL "acl_check_rcpt"
                250-ACCEPT 1 [ HOST 192.168.0.115 ] [ FROM name@???] [ TO name
                250 at ourcompany.co.uk ]


RESULT : Accepted !!!!.     <- This should have failed


The check condition is sender domain IN LIST OF OUR DOMAINS should have yeilded TRUE and the IF should have returned FALSE and THUS the condition should have FAILED



Kind Regards,
Ritchie Fraser
Systems Administrator