[SA-exim] PermReject
Patrice Fournier
pfournier at loups.net
Wed, 29 May 2002 22:35:52 -0400
Quoting Marc MERLIN <marc@merlins.org>:
> > hmmm.. is $local_part really available there? What's in there when
> No.
Ok, so the suggestion to Craig was wrong then..
He would need the current SAEximRunCmd and this as ACL:
warn message = X-SA-Disable: yes
local_parts = /etc/exim/sa_skip
> > While were at it, as anyone configured sa-exim to scan/reject messages
> > to some users while accepting it to others?
>
> I remember having done so
>
> > I was thinking about something like this using the rcpt ACL:
> > if (first recipient)
> > set a variable/header to indicate if SA must run for that recipient
> > else
> > if (current_recipient SA setting != first recipient SA setting)
> > temp reject
>
> I'm not sure I understand, and not sure what you want to do would work
> either.
>
> > Now, if SA setting is a boolean value sometimes some recipients will
> > receive temp reject thus permiting us to still reject the message at
> > SMTP time for those users who don't want it. Of course, this is best
> > if no other ACL can produce temp reject (or at least, will not do so
> > most of the time)
>
> local_scan runs after DATA, you can't have it do some things for some
> users and other things for other users unless you duplicate the mail
> and refeed it to exim The local_scan code does have access to the
> list of receipients, but you can't use them in condition since
> local_part would eval to a list and not a value.
That's why I would do the check in an RCPT ACL to make sure a message will
contain (only users that want SA checking) || (only users that doesn't want
checking)
Here is an example of such an (untested) ACL:
acl_smtp_rcpt = acl_rcpt
begin acl
acl_rcpt
warn message = X-SA-Disable: yes
local_parts = /etc/exim/sa_skip
condition = ${if eq{{0}{$recipients_count}}}
defer message = Administrative restrictions makes this recipient \
unavailable at the moment
local_parts = /etc/exim/sa_skip
condition = ${if and{{!eq{{0}{$recipients_count}}} \
{!eq{{yes}{$h_X-SA-Disable:}}}}}
defer message = Administrative restrictions makes this recipient \
unavailable at the moment
!local_parts = /etc/exim/sa_skip
condition = ${if and{{!eq{{0}{$recipients_count}}} \
{eq{{yes}{$h_X-SA-Disable:}}}}}
This is a quick try, conditions may not work exactly as shown, and I'm not
sure defer is valid there, else we'll have to force a defer using another
check that will always defer (or fix the code). You should still see what I
have in mind. Now, a message which reaches local_scan always have it's
recipients all wanting the same of running SA or not. If the first
recipient in the list wants SA to run, every recipients who doesn't will be
temporarily rejected, than all those who wants it will have their message
passed through SA. After a couple of minutes, the remote server should try
to send the defered recipients again and this time the recipient list will
contain only users who doesn't want SA to run and vice-versa.
> > How does yahoo does rejections of only some of the recipients? (it's
> > yahoo
>
> mail from: <myadd@domain.tld>
> 250 sender <myadd@domain.tld> ok
> rcpt to: <marcmerlinns@yahoo.com>
> 250 recipient <marcmerlinns@yahoo.com> ok
> data
> 354 go ahead
> test
Ooops, the message was terminated by the . on that line, can you send the
end of it again?
Thanks,
--
Patrice Fournier
pfournier@loups.net