[Exim] Exim 4.10 sender verify callout using low-priority MX…

Top Page
Delete this message
Reply to this message
Author: Kevin P. Fleming
Date:  
To: exim-users
Subject: [Exim] Exim 4.10 sender verify callout using low-priority MX record
I've got an Exim 4.10 server with sender callout verification enabled in
an ACL. Another server that I also maintain, for a different domain, is
trying to send mail to the first server. The first server is reporting a
temporary error: "Sender callout verification timed out". There is only
one mail server for the sending domain, and I can't see _any_ attempt
for sender verification arriving at the sending server.

After doing some checking, I find that we still have an old second
priority MX record for the sending domain, a leftover from when a server
switch mas made. So, the MX records for the sending domain look like this:

IN MX 5 server.domain.com
IN MX 10 server-old.domain.com

For some reason, Exim on the receiving server is trying to do the sender
verification callout to the priority 10 server, not the priority 5
server. The priority 10 server doesn't exist any more, so having it
still in DNS is my problem... but I don't understand why Exim is not
using the primary server MX record for the callout. It most certainly
can connect to that server, as the original message is being delivered
from that server.