Re: [Exim] exim4: acl_smtp_mail ?

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Phil Chambers
CC: exim-users
Subject: Re: [Exim] exim4: acl_smtp_mail ?
On Mon, 11 Mar 2002, Phil Chambers wrote:

> I had not noticed that Exim 4 would not be issuing 5xx after MAIL FROM. I will need
> to see how that effects my setup. We have always had a small, but significant,
> number of users who mis-type (or just get it wrong) their own e-mail address when
> configuring their e-mail software. At present, when they try to send a message,
> their software gets a rejection when it does the MAIL FROM and the error message
> they get is distinctly different from what they get if it is the RCPT TO that fails.


Well under Exim 4, if you set up your ACL suitably, you can arrange for
the output to be like these examples:

1. For a sender verification failure:

MAIL FROM:<x@y>
250 OK
RCPT TO:<a@b>
550-Verification failed for <x@y>
550-Unrouteable address
550 sender verify failure

2. For a recipient verify failure:

RCPT TO:<a@b>
550 recipient verify failure

> Our helpdesk staff recognise these failures and can quickly tell the users what is
> wrong.


I assume your users and helpdesk staff could be trained to tell the
difference between "sender verify failure" and "recipient verify
failure". :-)

> I can see it being confusing when the users are told that it is the
> recipient addresses which are wrong.


They can be explicitly told that it is the sender address that is wrong.
The wording is under your control. You can make it as verbose as you
like.

> Any chance we could have a "fail_mail_from"
> option?


There is no chance of that. It needs to know under what conditions to
fail the MAIL command. (The existing ACL is no good - it may be testing
data that is associated with the recipient.) If enough people pressure
me, I could add a new ACL that is run at MAIL time. I don't, however,
believe that it is really a good idea, for the reasons outlined in my
previous response.

Note also that if you insist on failing a sender before looking at the
recipient, you cannot make any exceptions such as "always accept mail to
postmaster, even if sender verification fails". That's another reason
for doing all the checking at RCPT time.

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.