[Pkg-exim4-users] ACL runs twice

Dermot Paikkos dermot at sciencephoto.com
Tue May 2 16:25:40 UTC 2006 

On 2 May 2006 at 17:45, Marc Haber wrote:

> On Tue, May 02, 2006 at 03:47:34PM +0100, Dermot Paikkos wrote:
> > On 2 May 2006 at 16:32, Marc Haber wrote:
> > > What exactly should this white list contain and which special
> > > treatment should its contents get?
> > 
> > Nothing special. Just addresses in the format
> > 
> > EG: jo at somedomain.com
> > 
> > The blacklist would be handled by the admin.
> 
> Sounds like a valid use-case for the HOOK you used in the first place.
> Is it not working?

It works but as I said it appears to run twice. Sorry if the 
formating is out in this email. I put a ### one the places that the 
lookup occurs.

It finds user at somedomain from the file 
/usr/local/mail/local_sender_whitelist it then does the same lookup 
again at the end of the snip below.

My local acl (/etc/exim4/local-acl) had this one rule:

  accept
    senders = ${if exists{/usr/local/mail/local_sender_whitelist}\
                   {/usr/local/mail/local_sender_whitelist}\
                   {}}

So i wasn't sure why the rule was being called twice. I was thinking 
that this was because the macro WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE 
was used by several other acls.

Should I just leave WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE alone and 
make local_host_whitelist writeable by the apache-userid or use 
suEXEC to setuid before writing to the list?

Thanx.
Dp.



===============
...snip
user at somedomain.com in ""? no (end of list)
accept: condition test failed
processing "accept"
check senders = ${if 
exists{/usr/local/mail/local_sender_whitelist}{/usr/local/mail/local_s
ender_whitelist}{}} address match: subject=user at somedomain.com
pattern=user at somedomain.com somedomain.com in "somedomain.com"? yes
(matched "somedomain.com") user at somedomain.com in
"/usr/local/mail/local_sender_whitelist"? yes (matched
"user at somedomain.com" in /usr/local/mail/local_sender_whitelist) 
accept:
condition test succeeded 	### deny: condition test failed
processing "deny" check !acl = acl_whitelist_local_deny using ACL
"acl_whitelist_local_deny" processing "accept" check hosts = ${if
exists{/etc/exim4/local_host_whitelist}{/etc/exim4/local_host_whitelis
t}{}} host in ""? no (end of list) accept: condition test failed
processing "accept" check senders = ${if
exists{/etc/exim4/local_sender_whitelist}{/etc/exim4/local_sender_whit
elist}{}} user at somedomain.com in ""? no (end of list) accept: 
condition
test failed processing "accept" check senders = ${if
exists{/usr/local/mail/local_sender_whitelist}{/usr/local/mail/local_s
ender_whitelist}{}} address match: subject=user at somedomain.com
pattern=user at somedomain.com accept: condition test succeeded		###
 .....snip

More information about the Pkg-exim4-users mailing list