Jonathan Gilpin via Exim-users <exim-users@???> (Mi 08 Nov 2017 23:13:07 CET):
> hi!
>
> I am trying to restrict Authenticated users from sending from a domain name other than those designated as local domains.
>
… isn't that the question we had yesterday in #exim?
> in acl_smtp_rcpt
>
> I have the following code:
>
> deny log_message = Sender trying to send from an unapproved domain name.
> authenticated = *
> sender_domains = !+local_domains
> message = You must send from an approved domain name.
>
> Where local_domains is defined by
>
> domainlist local_domains = mysql;MYSQL_Q_LDOMAIN
>
> and
>
> MYSQL_Q_LDOMAIN=SELECT SQL_CACHE DISTINCT domaintable.domain FROM domaintable LEFT JOIN accounts ON domaintable.domain = accounts.domain WHERE domaintable.domain='$domain' and accounts.active = ‘1'
>
> Could someone please point out where I am going wrong as this is rejecting all domains?
Assume a local domain as 'example.local' and the remote domain as
'example.remote'. Now your use is sending a message
hans@??? ⇒ fred@???
The +local_domains list would be empty now, as the resulting SQL query
is about "SELECT … WHERE domaintable.domain='example.remote'…". You're
using $domain in your query, which is perfectly right for inbound
messages, to check if they're for your system. But for outbound messages
you need to use $sender_address_domain there.
And, to re-iterate me from #exim: Do not forget to have a final 'accept'
in your acl_check_rcpt, as there is an invisible implicit deny at the
very and, which applies, except you do an accept explicitly.
Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
