Re: [exim] de-taint efficiency

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Rob Gunther
Date:  
À: Exim Mailing List
Sujet: Re: [exim] de-taint efficiency
On Fri, Jul 3, 2020 at 6:32 PM Jeremy Harris via Exim-users <
exim-users@???> wrote:

> > domainlist local_domains = lsearch;/etc/virtual/domains
> >
> > How can I just search the local_domains list? I've looked at the various
> > lookup types but don't see any way to lookup something from the named
> list
> > and have it return a clean domain name that I can reference in
> $domain_data
> >
> >
> > I've got quite a few routers that are using 'domains =
> > lsearch,ret=key;/domains/domains.dat' which I assume Exim really is
> opening
> > that file and searching every time.
> >
> > Can I make it more efficient by using the named list?
>
> Exim caches list look results, so repeated use gets an efficincy
> benefit. There is no efficiency benefit from using a named list
> per se; they are just syntactic sugar to make writing the config
> less verbose.
>
> However... specifically for your case, the cache lookup uses the
> filename of the search-definition, and then checks the options -
> so if you mix (in your case) ret=key and plain, the caching is
> inoperative. That could be a future enhancement.
>
> But: unless you are using +local_domains in some more-complex
> manner than most people, it seems like you could put ret=key
> in that definition.
> --
> Cheers,
> Jeremy
>
>

Wow, so close.

I did as suggested and changed the local_domains reference to:

domainlist local_domains = lsearch,ret=key;/etc/virtual/domains

Then referencing   domains = +local_domains    in the routers works.  No
lsearch needed at that point, seems much cleaner.


However, I found a stumbling block.

I am using rewrite configuration to deal with domain aliases. I check the
disk for a file to indicate the recipient address is an alias. I then
rewrite the recipient address, which I guess then my new domain name of the
recipient is no longer in my local_domains variable, since I populated it
with just the original recipient domain.

Then future routers break because the domain in local_domains no longer
matches the recipient being processed.