Networking

  • match_domain not working in data acl


    Hi,
    I'd like to do spam and virus scanning depending on the domain (Exim 4.50).
    For this to work I allow only recipients of the same domain in one mail
    and keep the domain in acl_m0. This works as expected, RCPT ACL:

        defer
          message =
          condition = ${if and { \
                        {!eq{$acl_m0}{}} \
                        {!eq{$acl_m0}{$domain}} \
                      } {yes}{no}}
        accept
          domains = +relay_to_domains
          set acl_m0 = $domain

    In the DATA ACL I'd like to do this:

        accept
          condition = ${if match_domain{$acl_m0}{+relay_to_domains}{yes}{no}}
        deny
          message = This message contains malware ($malware_name)
          demime = *
          malware = *
          logwrite = Virus found: $malware_name (for $acl_m0)

    But the condition for the accept is never true, domains in
    relay_to_domains get virus scanned too.
    The logwrite logs the right domain, relay_to_domains works wherever I
    use it as expected. So the pieces are ok but they don't work together
    and I have no idea why. What's wrong?
    Thanks,
    Thomas
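
Added example, not part of the original post and not Exim code: a small Python model of what the RCPT and DATA ACL fragments above are meant to do, useful as a reference when writing test cases for the real configuration. The function names, the sample domains and the "next" verdict (for recipients that neither quoted statement handles) are assumptions of this sketch.

```python
# Added example: a model of the ACL fragments quoted in the post above.
# The domain names are constructed sample values.
RELAY_TO_DOMAINS = frozenset({"relay-a.example", "relay-b.example"})


def rcpt_acl(acl_m0, domain, relay_domains=RELAY_TO_DOMAINS):
    """Model of the two RCPT statements; returns (verdict, new acl_m0)."""
    # defer: acl_m0 is already set and names a different domain
    if acl_m0 != "" and acl_m0 != domain:
        return "defer", acl_m0
    # accept: domains = +relay_to_domains, then set acl_m0 = $domain
    if domain in relay_domains:
        return "accept", domain
    # Neither statement matched; statements not shown in the post decide.
    return "next", acl_m0


def data_acl_skips_scan(acl_m0, relay_domains=RELAY_TO_DOMAINS):
    """Intended DATA 'accept': True means the malware 'deny' is not reached."""
    return acl_m0 in relay_domains


def run_message(recipients, relay_domains=RELAY_TO_DOMAINS):
    """Feed the RCPT commands of one message through the model."""
    acl_m0 = ""  # ACL message variables start empty for each message
    verdicts = []
    for rcpt in recipients:
        # Assumption of this model: domains are compared in lower case.
        domain = rcpt.rsplit("@", 1)[1].lower()
        verdict, acl_m0 = rcpt_acl(acl_m0, domain, relay_domains)
        verdicts.append(verdict)
    return verdicts, acl_m0, data_acl_skips_scan(acl_m0, relay_domains)


if __name__ == "__main__":
    cases = [  # constructed recipient sequences
        ["u1@relay-a.example", "u2@relay-b.example", "u3@relay-a.example"],
        ["u@other.example", "u1@relay-a.example"],
        ["u@other.example"],
    ]
    for recipients in cases:
        print(recipients, "->", run_message(recipients))
```

In the second case the first recipient leaves acl_m0 empty, so whether such a message can also carry a relay-domain recipient depends on the RCPT statements the post does not show.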
  • No.1 | | 1368 bytes | |

    Sat, Dec 03, 2005 at 06:04:44PM +0100, Thomas Mueller wrote:

    > In the DATA ACL I'd like to do this:
    > accept
    > condition = ${if match_domain{$acl_m0}{+relay_to_domains}{yes}{no}}
    >
    > But the condition for the accept is never true, domains in
    > relay_to_domains get virus scanned too.
    > The logwrite logs the right domain, relay_to_domains works wherever I
    > use it as expected. So the pieces are ok but they don't work together
    > and I have no idea why. What's wrong?

    This may be totally unrelated, but I literally spent 3 hours the other
    day tracking down a problem in a server_condition statement in the
    authenticators section of Exim, and eventually tracked it to a
    match_domain statement that wasn't working properly.

    No matter what I did, I could not get the match_domain statement to
    properly read the $1, $2 or $3 variables. I'm not sure if the
    match_domain statement has problems reading variables, or perhaps it
    simply overwrites the $1/$2/$3 variables during the matching process.

    I finally gave up and went back to using an lsearch. I didn't report
    it as a bug because I wasn't confident enough to determine whether
    or not match_domain overwrites $1/$2/$3 variables or not.

    If it doesn't, perhaps there is some other issue going on with match_domain.
  • No.2 | | 420 bytes | |

    Mon, 5 Dec 2005, Dean Brooks wrote:

    > No matter what I did, I could not get the match_domain statement to
    > properly read the $1, $2 or $3 variables. I'm not sure if the
    > match_domain statement has problems reading variables, or perhaps it
    > simply overwrites the $1/$2/$3 variables during the matching process.

    If you post the expansion you were trying to make work, I might be able
    to comment.
  • No.3 | | 1847 bytes | |

    Tue, Dec 06, 2005 at 09:14:57AM +0000, Philip Hazel wrote:

    > > No matter what I did, I could not get the match_domain statement to
    > > properly read the $1, $2 or $3 variables. I'm not sure if the
    > > match_domain statement has problems reading variables, or perhaps it
    > > simply overwrites the $1/$2/$3 variables during the matching process.
    >
    > If you post the expansion you were trying to make work, I might be able
    > to comment.

    Here is what I was working with. The purpose is that I have a file in
    DBDIR/authentication that contains either fully qualified addresses or
    contains local_parts that are assumed to be in one of my local domains
    which all share common realm/name space. An MD5-hashed password is
    stored as the data value in the database.

    So, I authenticate if either $2 is found on its own, or, if $2 is in
    one of my local domains, I'll look up the local part of $2 by itself
    and see if it's in the database.

    The lookups into the dbm files worked fine. However, match_domain
    would *never* match one of my local domains no matter what I did,
    but works fine on the same +localdomains list everywhere else in
    the configuration.

    I almost got to the point where it seemed like Exim (v4.60) was
    clobbering the contents of $2 in some manner, which affected the second
    lookup, but I can't prove that and I wasn't able to get much out
    of "debug +expand".

    driver = plaintext
    public_name = PLAIN
    server_prompts = :
    server_condition = \
    "${if or { {eq {${lookup{${lc:$2}} dbm{DBDIR/authentication} {$value} {*NP*}}} {${md5:$3}}} \
    {and{{match_domain {${domain:$2}}{+localdomains}} \
    {eq {${lookup{${local_part:${lc:$2}}} dbm{DBDIR/authentication} {$value} {*NP*}}} {${md5:$3}}}}} \
    } {yes}{no}}"
    server_set_id = $2
  • No.4 | | 810 bytes | |

    Tue, Dec 06, 2005 at 03:24:02PM +0000, Philip Hazel wrote:

    > > The lookups into the dbm files worked fine. However, match_domain
    > > would *never* match one of my local domains no matter what I did,
    > > but works fine on the same +localdomains list everywhere else in
    > > the configuration.
    >
    > What is in +localdomains?

    Here is the list definition:

    domainlist localdomains = localhost : EXIMDIR/localdomains

    Here is the top portion of the contents of localdomains. It's just a
    plain ascii text file containing our local domains, and is referenced
    throughout our config without problems. It is readable only by the
    Exim user and Exim group.

    #
    # primary domains
    iglou.com
    iglou.net
    iglou.biz
    mail.iglou.com
    smtp.iglou.com
    pop.iglou.com
  • No.5 | | 301 bytes | |

    Tue, 6 Dec 2005, Dean Brooks wrote:

    > The lookups into the dbm files worked fine. However, match_domain
    > would *never* match one of my local domains no matter what I did,
    > but works fine on the same +localdomains list everywhere else in
    > the configuration.

    What is in +localdomains?
