[prev in list] [next in list] [prev in thread] [next in thread]
List: exim-users
Subject: Re: [exim] headers_add only if condition
From: Ian Eiloart <iane () sussex ! ac ! uk>
Date: 2013-03-15 13:01:26
Message-ID: 29F9E850-D2DB-4D7A-9453-5EA424220CE0 () sussex ! ac ! uk
[Download RAW message or body]
On 15 Mar 2013, at 10:34, Rob Gunther <redrob@gmail.com> wrote:
> I am working on an SRS/SPF solution, I have created a router that does will
> re-write the from envelope only if the sending domain has an SPF entry.
>
> I'm using this:
>
> condition = ${if match{${lookup dnsdb{>\n;
> defer_never,txt=$domain}}}{\N(?m)^v=spf1\s\N} {1}{0}}
You might also want to check for an SPF record, as well as an SPF string in a TXT \
record. But the problem here is using $domain (The recipient domain) rather than \
$sender_address_domain
If you have Exim compiled with SPF support (see \
https://github.com/Exim/exim/blob/master/doc/doc-txt/experimental-spec.txt) , then \
you could put this into an ACL with a much simpler test like:
spf = none
The docs say "none" means "The queried domain does not publish SPF records"
> The condition is working, if the domain has no TXT record then it does
> nothing to the sender address.
>
> The problem I am having is I am also adding a header to the router:
>
> headers_add = "X-SRS: Sender address rewritten from <$sender_address> to
> <${quote_local_part:${local_part:$address_data}}@${domain:$address_data}>"
>
> That header is being added to every message, even if the sender address was
> not altered. I thought it would only do that if the conditions(s) for the
> router were met but apparently not.
I think you may need to put the conditions before the headers_add directive. \
Certainly logging directives are executed regardless of later conditions.
> So 2 questions:
>
> 1) Can I fix this easily with some command?
> 2) I think I can do it by wrapping a condition into the headers_add option
> (based on some searching), that option seems complex to figure out - but
> more importantly would the router do the DNS check two times? Once for the
> condition on the router itself and again to figure out if the headers_add
> would be added?
I think the DNS lookup is cached. So it would not be performed twice, but the result \
should be available.
>
> Robert G.
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/
--
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148
["smime.p7s" (smime.p7s)]
0 *H
010 + 0 *H
00r 'znn0
*H
0o10 USE10U
AddTrust AB1&0$UAddTrust External TTP Network1"0 UAddTrust External CA \
Root0 050607080910Z
200530104838Z010 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Client \
Authentication and Email0"0 *H
0
9}A;bF7`u9eJGHjM5BI/|1Nd.)բdąQ5yNh{zɤ2O0 \
nFxoY^/m/묡j.g5yiF v:z'[=s"HaLi.1 \
,CZqYں gT:
wetbh~GeMW(t40b0, 00U#0z4&&T$T0Ug}ĝ&p KPH|=n}0U0U00{Ut0r08 \
6 42http://crl.comodoca.com/AddTrustExternalCARoot.crl06 4 \
20http://crl.comodo.net/AddTrustExternalCARoot.crl0 *H
؉o( ~TBk \
mאfyCqovE7=YxFz[r-F)Iy<mmhOr6j5PρmUY0Jm \
dI|6i9ZK: D/p%ZTļms2,雄$-zhP?Mg.;N
&DeMR>k2\Al] Xm=G. ̎00 mOj3""2zq0
*H
010 UUS10 UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Client \
Authentication and Email0 110428000000Z
200530104838Z010 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1907U0COMODO Client Authentication and Secure Email CA0"0
*H
0
[KW^/@ȣSX_fe2N2}UxLUB'qi2@'Vbqi \
c^`ʢAjHmeC*.+c8w߱ ڂ2jgo \5Tq 7
PSlY1 LR@[HhJ$:q_㬿;%qh=XF<hmz!W42~JRrd&N`ohQcB}"cө \
ΞD\[5 K0G0U#0g}ĝ&p KPH|=n}0UzN t[xcd'/ \
[y{0U0U0 0U 00U 0XUQ0O0M K \
IGhttp://crl.usertrust.com/UTN-USERFirst-ClientAuthenticationandEmail.crl0t+ \
h0f0=+01http://crt.usertrust.com/UTNAddTrustClient_CA.crt0%+0http://ocsp.usertrust.com0
*H
־xWUm3DRB
JAIZҭsn>&|L0(B<%>
u=9fѡMo(ltZڱuz/yVtCr`9 G:eH<=%`I?C
3_н`j;:<I3B)93i.EMiڀ=]|Gm]W0KID~y83 \
:]&XaU!ՙC@B0Ұun0#0 H&I "0 *H
010 UGB10UGreater Manchester10USalford10U
COMODO CA Limited1907U0COMODO Client Authentication and Secure Email CA0
121206000000Z
131206235959Z0"1 0 *H
iane@sussex.ac.uk0"0
*H
0
))8d= HHl/&QdsoY7u&/
fifxەR4n<.B @Ts<.W/8nGک2=f1a)uRKf_r6p \
92>$d2M[\N:E䚧|fhov#ǝ=6Gېߓ_Ih4b=Lq^S9<$%Ы} \
8 00U#0zN t[xcd'/ \
[y{0U9@dERXR0U 0U0 0 \
U%0++10 `HB 0FU \
?0=0;+10+0)+https://secure.comodo.net/CPS0WUP0N0L J \
HFhttp://crl.comodoca.com/COMODOClientAuthenticationandSecureEmailCA.crl0+ \
|0z0R+0Fhttp://crt.comodoca.com/COMODOClientAuthenticationandSecureEmailCA.crt0$+0http://ocsp.comodoca.com0U0iane@sussex.ac.uk0
*H
熕ply*trtJ]]fuB,W>p)`̈<qC-6:l$`w6Ufp<=9FcSmwPOu.AKD" \
@\"rಉS3:CmehsQPG*cg/רsc~Lw7/-ZL6+T*])h_{}T ,Nj \
īa_DOf.}iށ$@Y]`IC+I100010 UGB10UGreater \
Manchester10USalford10U COMODO CA Limited1907U0COMODO Client \
Authentication and Secure Email CAH&I "0 + 0 *H \
1 *H 0 *H
1
130315130126Z0# *H
1Tע_&MkmWP0 +710010 UGB10UGreater \
Manchester10USalford10U COMODO CA Limited1907U0COMODO Client \
Authentication and Secure Email CAH&I "0*H 1 \
010 UGB10UGreater Manchester10USalford10U COMODO CA \
Limited1907U0COMODO Client Authentication and Secure Email CAH&I "0 \
*H łW
jt n[K4M
gDM=(x1"Dyd峓ݻdѿ_ }Ϙ01
c1N""֓1;x o)VWveJg& d \
Dky,*^Pa`5ߞHE q>.#rj].;i}3[HpҾ'rn=+72~Wbsjس fL^H iR.Z"m\~
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
--===============4461538253872051447==--
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic