Mailing List Archive

ACL with suffix or prefix (again)
Hello,

13 years ago we had this:
https://lists.exim.org/lurker/message/20060201.151954.0a776084.pt.html

I presume nothing has changed in these parts of Exim?

There was another thread to set these things "globally" and outside of the
router context later but that was shot down by Phillip.

The reason for me asking is still the same, before accepting a mail people
tend to do all kinds of checks (RBLs, etc) and these also tend to be on a
per user basis.

One can obviously work around this, but none of it would be as elegant as
setting this once in the ACL context so that something like this:
---
accept recipients = EXCEPTUSERS
---
would work with either abuse@ or abuse=something@ as expected.

Any thoughts?

Christian
--
Christian Balzer Network/Systems Engineer
chibi@gol.com Rakuten Communications

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: ACL with suffix or prefix (again) [ In reply to ]
On 21/05/2019 06:50, Christian Balzer via Exim-users wrote:
> 13 years ago we had this:
> https://lists.exim.org/lurker/message/20060201.151954.0a776084.pt.html

(2006)

> I presume nothing has changed in these parts of Exim?
>
> There was another thread to set these things "globally" and outside of the
> router context later but that was shot down by Phillip.
>
> The reason for me asking is still the same, before accepting a mail people
> tend to do all kinds of checks (RBLs, etc) and these also tend to be on a
> per user basis.
>
> One can obviously work around this, but none of it would be as elegant as
> setting this once in the ACL context so that something like this:
> ---
> accept recipients = EXCEPTUSERS
> ---
> would work with either abuse@ or abuse=something@ as expected.
>
> Any thoughts?


local_parts = ^.+=

Regex matching in lists seems to have been there since at least
2004 - so perhaps I'm not understanding what you're wanting to do.

--
Cheers,
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: ACL with suffix or prefix (again) [ In reply to ]
On Tue, 21 May 2019 09:41:47 +0100 Jeremy Harris via Exim-users wrote:

> On 21/05/2019 06:50, Christian Balzer via Exim-users wrote:
> > 13 years ago we had this:
> > https://lists.exim.org/lurker/message/20060201.151954.0a776084.pt.html
>
> (2006)
>
> > I presume nothing has changed in these parts of Exim?
> >
> > There was another thread to set these things "globally" and outside of the
> > router context later but that was shot down by Phillip.
> >
> > The reason for me asking is still the same, before accepting a mail people
> > tend to do all kinds of checks (RBLs, etc) and these also tend to be on a
> > per user basis.
> >
> > One can obviously work around this, but none of it would be as elegant as
> > setting this once in the ACL context so that something like this:
> > ---
> > accept recipients = EXCEPTUSERS
> > ---
> > would work with either abuse@ or abuse=something@ as expected.
> >
> > Any thoughts?
>
>
> local_parts = ^.+=
>
> Regex matching in lists seems to have been there since at least
> 2004 - so perhaps I'm not understanding what you're wanting to do.
>
Well, the article above was from 2006, so if that's a valid way forward
one wonders why it wasn't mentioned back then.

Anyway to clarify, lets look at this RCPT ACL, RBL1 is a list of
addresses of course:
---
deny message = rejected because $sender_host_address is blacklisted at zen.spamhaus.org SBL\n$dnslist_text
dnslists = local.stuff=127.0.0.2
domains = +local_domains
recipients = RBL1
---

If "user@domain" is in that RBL1 list but a "user=fun@domain" is received
(which is later handled as expected by a router) then this ACL won't
trigger. Thus the question in 2006 if a "local_part_suffix" can be set
during ACLs that would address this.

Are you suggesting to do the "local_parts = ^.+=" and then have a stripped
"$local_parts_data" to use in lookups later combined with "$domain"?
That's about as much effort in rewriting things as just doing an extract
as per the 2006 solution.


Regards,

Christian
--
Christian Balzer Network/Systems Engineer
chibi@gol.com Rakuten Communications

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/