[prev in list] [next in list] [prev in thread] [next in thread] 

List:       exim-users
Subject:    Re: [exim] headers_add only if condition
From:       Ian Eiloart <iane () sussex ! ac ! uk>
Date:       2013-03-15 13:01:26
Message-ID: 29F9E850-D2DB-4D7A-9453-5EA424220CE0 () sussex ! ac ! uk
[Download RAW message or body]

On 15 Mar 2013, at 10:34, Rob Gunther <redrob@gmail.com> wrote:

> I am working on an SRS/SPF solution, I have created a router that does will
> re-write the from envelope only if the sending domain has an SPF entry.
> 
> I'm using this:
> 
> condition = ${if match{${lookup dnsdb{>\n;
> defer_never,txt=$domain}}}{\N(?m)^v=spf1\s\N} {1}{0}}

You might also want to check for an SPF record, as well as an SPF string in a TXT \
record. But the problem here is using $domain (The recipient domain) rather than \
$sender_address_domain 

If you have Exim compiled with SPF support (see \
https://github.com/Exim/exim/blob/master/doc/doc-txt/experimental-spec.txt) , then \
you could put this into an ACL with a much simpler test like:

spf = none

The docs say "none" means "The queried domain does not publish SPF records"


> The condition is working, if the domain has no TXT record then it does
> nothing to the sender address.
> 
> The problem I am having is I am also adding a header to the router:
> 
> headers_add = "X-SRS: Sender address rewritten from <$sender_address> to
> <${quote_local_part:${local_part:$address_data}}@${domain:$address_data}>"
> 
> That header is being added to every message, even if the sender address was
> not altered.  I thought it would only do that if the conditions(s) for the
> router were met but apparently not.

I think you may need to put the conditions before the headers_add directive. \
Certainly logging directives are executed regardless of later conditions.

> So 2 questions:
> 
> 1) Can I fix this easily with some command?
> 2) I think I can do it by wrapping a condition into the headers_add option
> (based on some searching), that option seems complex to figure out - but
> more importantly would the router do the DNS check two times?  Once for the
> condition on the router itself and again to figure out if the headers_add
> would be added?

I think the DNS lookup is cached. So it would not be performed twice, but the result \
should be available.

> 
> Robert G.
> -- 
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/

-- 
Ian Eiloart
Postmaster, University of Sussex
+44 (0) 1273 87-3148


["smime.p7s" (smime.p7s)]

0	*H
 010	+0	*H
 00r 'znn0
	*H
0o10	USE10U
AddTrust AB1&0$UAddTrust External TTP Network1"0 UAddTrust External CA \
Root0 050607080910Z
200530104838Z010	UUS10	UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Client \
Authentication and Email0"0 	*H
0
9}A;bF7`u9eJGHjM5BI/|1Nd.)բdąQ5yNh{zɤ2O0 \
nFxoY^/m/묡j.g5yiF v:z'[=s"HaLi.1 \
,׉CZqYں  gT:
wetbh~GeMW(t40b0,00U#0z4&&T$T0Ug}ĝ&pKPH|=n}0U0U00{Ut0r08 \
6 42http://crl.comodoca.com/AddTrustExternalCARoot.crl06 4 \
20http://crl.comodo.net/AddTrustExternalCARoot.crl0 	*H
؉o(~TBk	 \
mאfyCqovE7=YxFz[r-F)Iy<mmhOr6j5PρmUY0Jm \
dI|6i9ZK: D/p%ZTļms2,雄$-zhP?Mg.;N
&DeMR>k2\Al] Xm=G. ̎00 mOj3""2zq0
	*H
010	UUS10	UUT10USalt Lake City10U
The USERTRUST Network1!0Uhttp://www.usertrust.com1604U-UTN-USERFirst-Client \
Authentication and Email0 110428000000Z
200530104838Z010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1907U0COMODO Client Authentication and Secure Email CA0"0
	*H
0
[KW^/@ȣSX_fe2N2}UxLUB'qi2@'Vbqi \
c^`ʢAjHmeC*.+c8w߱ ڂ2jgo \5Tq 7
PSlY1	LR@[HhJ$:q_㬿;%qh=XF<hmz!W42~JRrd&N`ohQcB}"cө \
ΞD\[5K0G0U#0g}ĝ&pKPH|=n}0UzNt[xcd'/ \
[y{0U0U00U  00U 0XUQ0O0M K \
IGhttp://crl.usertrust.com/UTN-USERFirst-ClientAuthenticationandEmail.crl0t+ \
h0f0=+01http://crt.usertrust.com/UTNAddTrustClient_CA.crt0%+0http://ocsp.usertrust.com0
 	*H
־xWUm3DRB
JAIZҭsn>&|L0(B<%>
u=9fѡMo(ltZڱuz/yVtCr`9 G:eH<=%`I?C
3_н`j;:<I3B)93i.EMiڀ=]|Gm]W0KID~y83 \
:]&XaU!ՙC@B0Ұun0#0 H&I 	"0 	*H
010	UGB10UGreater Manchester10USalford10U
COMODO CA Limited1907U0COMODO Client Authentication and Secure Email CA0
121206000000Z
131206235959Z0"1 0	*H
	iane@sussex.ac.uk0"0
	*H
0
))8d=HHl/&QdsoY΁7u&/
fifxەR4n<.B	@Ts<.W/8nGک2=f1a)uRKf߼_r6p \
92>$d2M[\N:E䚧|fhov#ǝ=6Gېߓ_Ih4b=Lq^S9<$%Ы} \
800U#0zNt[xcd'/ \
[y{0U9@dERXR0U 0U00 \
U%0++10	`HB 0FU \
?0=0;+10+0)+https://secure.comodo.net/CPS0WUP0N0L J \
HFhttp://crl.comodoca.com/COMODOClientAuthenticationandSecureEmailCA.crl0+ \
|0z0R+0Fhttp://crt.comodoca.com/COMODOClientAuthenticationandSecureEmailCA.crt0$+0http://ocsp.comodoca.com0U0iane@sussex.ac.uk0
 	*H
熕ply*trtJ]]fuB,W>p޴)`̈<qC-6:l$`w6Ufp<=9FcSmwPOu.AKD" \
@\"rಉS3:CmehsQPG*cg/רsc~Lw7/-ZL6+T*])h_{}T,Nj \
īa_DOf.}iށ$@Y]`IC+I100010	UGB10UGreater \
Manchester10USalford10U COMODO CA Limited1907U0COMODO Client \
Authentication and Secure Email CAH&I 	"0	+ 0	*H \
	1	*H 0	*H
	1
130315130126Z0#	*H
	1Tע_&MkmWP0	+710010	UGB10UGreater \
Manchester10USalford10U COMODO CA Limited1907U0COMODO Client \
Authentication and Secure Email CAH&I 	"0*H 	1 \
010	UGB10UGreater Manchester10USalford10U COMODO CA \
Limited1907U0COMODO Client Authentication and Secure Email CAH&I 	"0 \
	*H łW 
jt		n[K4M
gDM=(x1"Dyd峓ݻdѿ_ }Ϙ01
c1N""֓1;x  o)VWveJg& d \
Dky,*^Pa`5ߞHE	q>.#rj].;i}3[HpҾ'rn=+72~WbsjسfL^HiR.Z"m\~




-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
--===============4461538253872051447==--


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic