On 2014-12-17, Bertrand Cherrier <b.cherrier@???> wrote:
> Greetings,
>
> I’m in need for help !
>
> My goal is to validate sender domain with auth domain for relay enabled domains (usually only one account is used for theses users)
> And also to validate sender address with auth address for local virtual domains
>
>
>
> I thought I could do it this way :
>
> deny
> domains = +relay_domains
> authenticated = *
> condition = ${if eq{$sender_address_domain}{${domain:$authenticated_id}}{no}{yes}}
> message = domaine authentifié et domaine mail non identiques
> log_message = DENY RELAY : $sender_address_domain is not equal to {domain:$authenticated_id}
>
> deny
> domains = +local_domains
> authenticated = *
> condition = ${if eq{$sender_address}{$authenticated_id}{no}{yes}}
> message = adresse authentifiée et adresse mail non identiques
> log_message = DENY : $sender_address is not equal to $authenticated_id
>
> But if it passes the first (relay domain) it gets rejected by the second :(
> Obviously it doesn’t care about the domains = directive and does exactly the same if I comment out authenticated
I think that for the first deny the domain test should be "not local domains"
! domains = +local_domains
possibly in addition to "relay domains"
domains = +relay_domains
> I must have missed something and/or I just don’t get how the domains directive works
> Can someone please explain it to me and point me in the right direction ?
I think the sets local_domains and relay_domains intersect.
it's also possible that these domain lists are the wrong ones, I have
not checked the normal usage for those names.
The "${if eq" checks should probably be "${if eqi" as domain names are
case neutral.
--
umop apisdn
