Re: [exim] ACL with suffix or prefix (again)

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MJeremy Harris at <-
M 
Delete this message
Reply to this message
Author: Christian Balzer
Date:  
To: exim-users
CC: Jeremy Harris
Subject: Re: [exim] ACL with suffix or prefix (again)
On Tue, 21 May 2019 09:41:47 +0100 Jeremy Harris via Exim-users wrote:

> On 21/05/2019 06:50, Christian Balzer via Exim-users wrote:
> > 13 years ago we had this:
> > https://lists.exim.org/lurker/message/20060201.151954.0a776084.pt.html
>
> (2006)
>
> > I presume nothing has changed in these parts of Exim?
> >
> > There was another thread to set these things "globally" and outside of the
> > router context later but that was shot down by Phillip.
> >
> > The reason for me asking is still the same, before accepting a mail people
> > tend to do all kinds of checks (RBLs, etc) and these also tend to be on a
> > per user basis.
> > 
> > One can obviously work around this, but none of it would be as elegant as
> > setting this once in the ACL context so that something like this:
> > ---
> > accept  recipients    = EXCEPTUSERS
> > ---
> > would work with either abuse@ or abuse=something@ as expected.

> >
> > Any thoughts?
>
>
> local_parts = ^.+=
>
> Regex matching in lists seems to have been there since at least
> 2004 - so perhaps I'm not understanding what you're wanting to do.
>
Well, the article above was from 2006, so if that's a valid way forward
one wonders why it wasn't mentioned back then. 

Anyway to clarify, lets look at this RCPT ACL, RBL1 is a list of
addresses of course:
---
  deny    message       = rejected because $sender_host_address is blacklisted at zen.spamhaus.org SBL\n$dnslist_text
          dnslists      = local.stuff=127.0.0.2
          domains       = +local_domains
          recipients    = RBL1
---


If "user@domain" is in that RBL1 list but a "user=fun@domain" is received
(which is later handled as expected by a router) then this ACL won't
trigger. Thus the question in 2006 if a "local_part_suffix" can be set
during ACLs that would address this.

Are you suggesting to do the "local_parts = ^.+=" and then have a stripped
"$local_parts_data" to use in lookups later combined with "$domain"?
That's about as much effort in rewriting things as just doing an extract
as per the 2006 solution.


Regards, 

Christian
-- 
Christian Balzer        Network/Systems Engineer                
chibi@???       Rakuten Communications


This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] exim-users list and replies[exim] [Urgent] - Unable to block domains->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)