[Dovecot] Sieve/pigeonhole with Exim and Dovecot LDA

Tue May 21 01:40:16 EEST 2013

On 05/20/2013 05:13 PM, Sebastian Arcus wrote:
> On 20/05/13 17:12, Gedalya wrote:
>> On 05/20/2013 12:02 PM, Sebastian Arcus wrote:
>>> Exim doesn't seem to have any variable expansion for the "From" field
>>
>> If using the From header actually makes sense to you... then see
>> $h_<header name> at
>> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-string_expansions.html, 
>>
>> you probably want to restrict the usage of this as much as possible.
>> The envelope sender must be empty for bounces and auto-replies, pretty
>> good article here: https://github.com/Exim/exim/wiki/EximAutoReply
>> Later I'll read through your whole message again and maybe I'll come up
>> with something more concrete and detailed..
>
> Thanks for that. I've just tried using $header_from: in my exim 
> authenticator in client mode when talking to the provider's SMTP 
> server in smart relay mode (instead of $sender_address) - but for some 
> strange reason it just won't work. I've poured over the exim logs in 
> debug mode - and so far I can't make sense of what is happening. I'll 
> try some more to figure it out and get it working.
>
>

OK, now I had some more time to look at your situation.
We can ask, do you really need the sender? How do you use it? You're 
trying to authenticate using the sender, do you have the passwords in a 
lookup file?
Perhaps this can be a good idea: set up a special authenticator with:
client_condition = ${if match_ip{$sender_host_address}{:@[]}{1}{0}}
so that it can only be used for locally submitted messages (this 
_should_ work, test it), and statically configure it with credentials 
that would work with your upstream SMTP server?
Either way, you shouldn't have an authenticator that would trust the 
From: header and do something with it, unless the situation is very 
tightly controlled. You probably want to put more restrictions there to 
make sure this works only when intended, i.e. dovecot autoreplies.

Now, as for $header_from, first of all, it's "$header_from:", with the 
colon in the end. Yea, I know.
Secondly, I have no idea if it would be available in an authenticator. 
Consider that an authenticator is not really something that is related 
to processing an individual message.
One thing is for sure, you would need to set connection_max_messages = 1 
in the smtp transport which would be handling these messages. I know 
that that helps to make $sender_address available in the authenticator, 
try your luck with $h_from: or try to pass that data in somehow, ACL 
variables or something, let me know how that goes - I'm curious, but if 
you need further help you should probably ask on the exim-users mailing 
list (and point me at the thread ;-))