Re: [Exim] ACL to verify recipient

Góra strony
Delete this message
Reply to this message
Autor: Alan J. Flavell
Data:  
Dla: William Craven
CC: exim-users
Temat: Re: [Exim] ACL to verify recipient
On Sat, 31 Aug 2002, William Craven wrote:

> I have been noticing lately that a lot of messages in our queue have
> been frozen because Exim is sending bounce messages to non existant
> senders (eg forged senders with correct domains - for example
> bogus@???).


Indeed, this seems to be a popular hobby.

> What I would like to to is reduce the amount of bounce messages by
> verifying that the recipient address is valid on our system before
> accepting the message.


Take care that you don't simply hand the spammers an address-checking
facility for laundering their dirty lists.

> I have read the ACLs section in the manual and I
> am uncertain as to which ACL block to use and what ACL.


What is your situation? - are you the final MTA delivering to these
users, in which case [*examples only, loosely based on own settings*]

deny !verify = recipient
     message = whatever you want to tell


is what our configuration says; or are you acting as a relay for other
final-delivery domains, in which case something like

deny domains = what.ever
     !verify = recipient/callout
     message = whatever you want to tell


could be the ticket - Of course the latter only works if the
final-delivery MTA responds usefully to such a callout.

However, I would recommend other measures first, such as IP and
envelope-sender blacklisting, to reduce the number of imposters to
whom you hand-out this kind of information, which they can use as
cleanup measures for their spamming lists.

The other increasingly-popular move seems to be to counterfeit either
some other valid local address, or even the address of the intended
local recipient, as envelope-sender. This is a real drag, since
bouncing these messages puts them straight into the hands of the
victims: but trying to block local envelope-senders on inbound mail
results in all kinds of unfortunate anomalies.

good luck