Re: [Exim] sender_verify does not block invalid domains

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Stuart Gall
CC: Exim Mailing List
Subject: Re: [Exim] sender_verify does not block invalid domains
On Thu, 2001-12-06 at 14:18, Stuart Gall wrote:
[...]
> I have added a linux system (leuy) to handle incoming SMTP so I can use
> exiscan to scan for viruses, if the mail is OK it just passes it on to
> heuy for delivery. (leuy is V3.33 too)


[...]
> Now leuy for some reason sender verify does not work. There was an issue
> with reverse dns not being configured correctly to get the name of the
> DNS server but I have fixed that now. Still invalid senders are
> accepted.


So the routers for leuy are a catchall which passes everything on, so
from its point of view *everything* is deliverable, and so does pass the
verify tests!

When you verify a sender address (or any address) you see if you are
able to deliver it... which you can!

Solution is to mark your catchall router with no_verify, so now you
reject everything, wonderful!

If you also want to allow some things through, add a standard dns router
(ie steal the one from your other box), and add a verify_only flag to
that.

You may find that this causes latency problems etc, although if you
share a DNS cache between the 2 boxes that should mitigate these
problems.

    Nigel.
-- 
[ Nigel Metheringham           Nigel.Metheringham@??? ]
[ Phone: +44 1423 850000                         Fax +44 1423 858866 ]
[ - Comments in this message are my own and not ITO opinion/policy - ]