> Anyway, as you can see, when someone tries to verify "rob" or "medusa",
> I was hoping that the fail_verify thing would say "no, they don't
> exist"... yet...
Further investigation brings me up against a logical problem. Currently,
verify is happy if the top level local-part is acceptable. Thus, in your
case, it was a lower level generated address that failed, so the
top-level didn't fail. Sort of similar to verifying xxxx@???;
all it does is validate the remote.domain, not the xxxx.
I thought about changing this, but it could cause problems. Example: you
have set sender_verify to do checks on incoming mail. Sometimes incoming
mail is from one of your own local_parts (sent out, forwarded back, or
whatever). You don't really want to refuse such incoming mail if the
user in question has set up a bad .forward file... and if asked to
verify the name of a mailing list, you probably don't want to verify all
the hundreds of subscribers.
You *can* get it to verify generated addresses by adding -d or -v, but
only when calling with -bv; when verifying incoming addresses it checks
only the top level.
Hmm. I'm not sure what to do about this. I'll leave it in the thinking
pile and get on with other stuff for the moment.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
