On 20/05/13 23:40, Gedalya wrote:
On 05/20/2013 05:13 PM, Sebastian Arcus wrote:
On 20/05/13 17:12, Gedalya wrote:
On 05/20/2013 12:02 PM, Sebastian Arcus wrote:
Exim doesn't seem to have any variable expansion for the "From" field
If using the From header actually makes sense to you... then see $h_<header name> at http://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansion...,
you probably want to restrict the usage of this as much as possible. The envelope sender must be empty for bounces and auto-replies, pretty good article here: https://github.com/Exim/exim/wiki/EximAutoReply Later I'll read through your whole message again and maybe I'll come up with something more concrete and detailed..
Thanks for that. I've just tried using $header_from: in my exim authenticator in client mode when talking to the provider's SMTP server in smart relay mode (instead of $sender_address) - but for some strange reason it just won't work. I've poured over the exim logs in debug mode - and so far I can't make sense of what is happening. I'll try some more to figure it out and get it working.
OK, now I had some more time to look at your situation. We can ask, do you really need the sender? How do you use it? You're trying to authenticate using the sender, do you have the passwords in a lookup file? Perhaps this can be a good idea: set up a special authenticator with: client_condition = ${if match_ip{$sender_host_address}{:@[]}{1}{0}} so that it can only be used for locally submitted messages (this _should_ work, test it), and statically configure it with credentials that would work with your upstream SMTP server? Either way, you shouldn't have an authenticator that would trust the From: header and do something with it, unless the situation is very tightly controlled. You probably want to put more restrictions there to make sure this works only when intended, i.e. dovecot autoreplies.
Now, as for $header_from, first of all, it's "$header_from:", with the colon in the end. Yea, I know. Secondly, I have no idea if it would be available in an authenticator. Consider that an authenticator is not really something that is related to processing an individual message. One thing is for sure, you would need to set connection_max_messages = 1 in the smtp transport which would be handling these messages. I know that that helps to make $sender_address available in the authenticator, try your luck with $h_from: or try to pass that data in somehow, ACL variables or something, let me know how that goes - I'm curious, but if you need further help you should probably ask on the exim-users mailing list (and point me at the thread ;-))
Just a follow-up to my previous messages. I've posted to the exim list, and the best option seems to be to run a check in the authenticator, and if the $sender_address is empty, to use a default one instead. Note that this is probably safe in my setup, on a small lan with tightly controlled clients and where exim accepts no outside incoming email - but it might not be safe in some other different arrangements.
Here is my authenticator, in case it helps anybody else (replace "my@default_address.com" with something suitable for your setup):
#modified client auth for sieve ($sender_address missing)
fixed_plain_client:
driver = plaintext
public_name = PLAIN
client_send = ^${if eq{$sender_address}{}{my@default_address.com}
{$sender_address}}^${lookup{${if eq{$sender_address}{}
{my@default_address.com}{$sender_address}}}
lsearch{/etc/exim/exim-client.passwd}{$value}{fail}}
And here is a link to the thread on exim list:
https://lists.exim.org/lurker/message/20130523.094659.1dc9fbe2.en.html