Thanks for the feedback guys. I continued to work on the issue after
posting the message. I was able to confirm that the ACL is not the best
place to do the lookups as the information is user specific. It seemed to
set the values acl_m_delivery to be the values of the first recipient of
the message - not good for my case.
I resorted to doing a lookup every time I needed to access a user
preference, rather than calling the data stored in acl_m_delivery.
Rather than doing this:
condition = ${if == {${extract{srs}{$acl_m_delivery}}}{1}}
I do a lookup in the router every time I need a preference like this:
condition = ${if ==
{${extract{srs}{${lookup{$local_part}nwildlsearch{/smtpconfig/domains/$domain/deliverydat}}}}}{1}}
It seems to work, but looks like heck and is more difficult to write and
debug (not sure about performance hit?).
The user's do not actually exist on the box, so I don't think I can
use the require
verify = recipient. The machine just accepts and forwards, getting all
information about preferences and destination server from the deliverydat
file for every domain.
Is there a more elegant way to get user data in the router, like filling a
variable with user preference like I was trying to do in the acl?
Robert G.
On Tue, Feb 18, 2014 at 9:49 PM, Heiko Schlittermann <hs@???>wrote:
> Hi,
>
> Rob Gunther <redrob@???> (Di 18 Feb 2014 05:00:20 CET):
> > I think I figured out my problem, looking for confirmation from experts.
> I
> > do this in the ACL:
> >
> > # Accept any email on port 26
> > accept condition = ${if=={$received_port}{26}}
> > set acl_m_delivery =
> >
> ${lookup{$local_part}nwildlsearch{/smtpconfig/domains/$domain/deliverydata}}
> >
> > Access to the server is restricted by firewall, if a delivery is
> attempted
> > on port 26 it is one of our customers. So I lookup the delivery
> > information, which can vary per user. From the deliverydata file I
> extract
> > the destination server, forwarding information etc.
> >
> > I assume that if a message comes in for user1@??? and also to
> > user2@??? that there would be two unique sets of variables
> stored
> > in acl_m_delivery? Each user's personal settings would be associated
> with
> > their copy of the message?
>
> No, you have one single copy of the variable, as you have only one
> single copy of the message.
>
> If you have multiple recipients, each new recipient overwrites the
> acl_m_delivery.
>
> The most simplistic approach: limit the number of recipients per message
> to exactly one. The *downside* of this approach: delivery for the other
> recipients is deferred, each message is transmitted for each recipient.
>
> # rcpt acl
>
> defer message = please one by one
> condition = ${if qt{$recipients_count}{1}}
>
> > If two users get a message and one is valid and one is invalid, like
> this:
> >
> > valid@???
> > invalid@???
> >
> > Currently when using the acl_m_delivery variable the entire message would
> > fail. If the acl_m_delivery information is not unique on a per user
> basis
> > then I have a problem...
>
> You got the problem.
>
> I'm not sure about the maximum size of the acl_ variables, probably you
> can append your information
>
> set acl_m_delivery = $acl_m_deliveriy:${lookup…}
>
> *But* I think, you're trying to do the message routing in the ACL
> already. But routing is a job for the router, not the ACL. Make sure
> that the routers succeed for valid recipients and fail otherwise. And
> then just do in your rcpt acl:
>
> # rcpt acl
> require verify = recipient
>
> should do the job you want.
>
> Best regards from Dresden/Germany
> Viele Grüße aus Dresden
> Heiko Schlittermann
> --
> SCHLITTERMANN.de ---------------------------- internet & unix support -
> Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
> gnupg encrypted messages are welcome --------------- key ID: 7CBF764A -
> gnupg fingerprint: 9288 F17D BBF9 9625 5ABC 285C 26A9 687E 7CBF 764A -
> (gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B)-
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
>
