Larry Rosenman wrote: > On Sun, November 15, 2009 6:14 pm, W B Hacker wrote: >> Larry Rosenman wrote: >>> Greetings, >>> I just upgraded to 4.70 (FreeBSD port), and was trying(!) to use the >>> acl_smtp_dkim ACL, but got mail with NO DKIM headers rejected with the >>> following ACL: >>> >>> acl_check_dkim: >>> warn log_message = GMail sender without DKIM signature >>> sender_domains = gmail.com >>> dkim_signers = gmail.com >>> dkim_status = none >>> deny message = Message from Paypal with invalid or missing signature >>> sender_domains = paypal.com:paypal.de >>> dkim_signers = paypal.com:paypal.de >>> dkim_status = none:invalid:fail >>> accept >>> >>> so, I'm wondering if there are any examples of the new ACL? >>> >>> Also, I'm looking for a way to drop the DKIM status into a header for >>> all >>> mail that has DKIM headers. >>> >>> Thanks! >>> >>> >>> >> "... with NO DKIM headers rejected" >> >> deny .... >> .. >> .. >> dkim_status = none ........ >> >> Why would you expect otherwise? >> >> ;-) > > I'm still confused why the bare accept didn't..... > >
It had no chance to ..... An 'accept' may be over-ruled by a later 'deny'. But a 'deny' is final.. the smtp session is closed before it reaches any subsequent test or 'accept' verb. Change your 'deny' to a 'warn' and add clause-specific logging while you sort the logic to suit your needs (probably need two separate tests ELSE a 'warn' with some sort of 'score' in an acl_c that is handled later). HTH, Bill -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
