Re: [exim] Different auth validation fore relay and local domains

Fri, 19 Dec 2014 09:59:57 -0800 

On 12/17/2014 4:23 PM, Bertrand Cherrier wrote:

Greetings,

I’m in need for help !

My goal is to validate sender domain with auth domain for relay enabled domains 
(usually only one account is used for theses users)
And also to validate sender address with auth address for local virtual domains

I thought I could do it this way :

   deny
         domains         = +relay_domains
         authenticated   = *
         condition       = ${if 
eq{$sender_address_domain}{${domain:$authenticated_id}}{no}{yes}}
         message         = domaine authentifié et domaine mail non identiques
         log_message     = DENY RELAY : $sender_address_domain is not equal to 
{domain:$authenticated_id}

   deny
         domains         = +local_domains
         authenticated   = *
         condition       = ${if eq{$sender_address}{$authenticated_id}{no}{yes}}
         message         = adresse authentifiée et adresse mail non identiques
         log_message     = DENY : $sender_address is not equal to 
$authenticated_id



In exim manual Chapter 11.6:

  ${domain:<string>}
The string is interpreted as an RFC 2822 address and the domain is extracted from it. If the string does not parse successfully, the result is empty.
$authenticated_id is a login ID representation, whose value is dependent on server_set_id setting in the authenticator, which your query does not show. In general, the value of this id is NOT an RFC 2822 address. If it isn't, ${domain:$authenticated_id} will expand to the empty string, which will not match $sender_address_domain, and likewise $sender_address will not match $authenticated_id. 


But if it passes the first (relay domain) it gets rejected by the second :(
Obviously it doesn’t care about the domains = directive and does exactly the 
same if I comment out authenticated

I must have missed something and/or I just don’t get how the domains directive 
works
Can someone please explain it to me and point me in the right direction ?

Thank you

  <https://www.mls.nc/>           Bertrand Cherrier, Administrateur Systèmes
        [email protected] <mailto:[email protected]>                    
    www.mls.nc <https://www.mls.nc/>  
        @micrologicnc <http://twitter.com/micrologicnc>                   Sur 
facebook <https://www.facebook.com/mls.nc>
Téléphone: 24 99 24
VoIP: 65 24 99 24
Service Clientèle: 36 67 76 (58F/min)



--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to