Re: [Exim] receiver verify from a mail hub

Top Page
Delete this message
Reply to this message
Author: Todd Jagger
Date:  
To: exim-users
Subject: Re: [Exim] receiver verify from a mail hub
Thanks for the input, Phil,


At 05:15 PM 11/14/2001, you wrote:

>On 2001-11-14 at 16:52 -0600, Todd Jagger wrote:
> > mail hub. Basically if an email to "anyone@???" passes
> > through their system they send a quick little smtp telnet to the
> > specified machine, and if it doesn't return a 550 error the account
> is
>
>"it" is actually ambiguous -- could be "RCPT TO" or "VRFY"; however
>from the rest of the mail I suspect the former.



Yes, that is what "it" is looking for, the RCPT TO response.


> > created and the mail delivered. If it does get a 550 error the
> account
> > is not created and the mail is also delivered to just bounce as
> normal.
> >
> > Because of this hub -> forwarder arrangement, however, all
> > verifications are coming back positive. I really don't want to
> have
> > them deliver to any other machine than the hub.
> >
> > Is there any simple way for me to set up Exim to send a 550 error
> for
> > invalid addresses directly from the mail hub?
> >
> > Hope I've explained this properly....
>
>If you have, and I'm understanding correctly, then your issue is that
>for administrative simplicity, your hub knows nothing about local
>users
>and just farms out the work to other servers. Now, for an external
>service, you need your hub to know about local users.


Exactly.


>If you don't have any infrastructure supporting knowledge of user
>accounts, you're really stuck with having to pull in all the
>information
>from the other servers, daily, and building lists of local users, and
>some "no_verify" hackery on the director which actually maps the
>domains
>out for remote delivery to the other hosts.


Hmmm... sounds like fun... :-)


>Really, this is an argument for things like LDAP, providing a master
>database (replicated for stability) of users and information about
>them.


>You can get by for now with some Perl/poison-of-choice scripting, but
>if
>you have a lot of such domains and they're going to increase, and
>you're
>having trouble keeping information about your users synchronised
>across
>systems, you will probably find it worthwhile to read up on LDAP.


I like LDAP. Maybe this is what it will take for me to actually just
do it.

Can anyone think of anything a touch more immediate? That doesn't
require me to re-work a core part of our mail system?

Thanks for the input. Greatly appreciated.

Todd