Re: [Exim] ACL to verify recipient

Top Page
Delete this message
Reply to this message
Author: Matt Bernstein
Date:  
To: Alan J. Flavell
CC: William Craven, exim-users
Subject: Re: [Exim] ACL to verify recipient
On Aug 31 Alan J. Flavell wrote:

>On Sat, 31 Aug 2002, William Craven wrote:
>
>> I have been noticing lately that a lot of messages in our queue have
>> been frozen because Exim is sending bounce messages to non existant
>> senders (eg forged senders with correct domains - for example
>> bogus@???).
>
>Indeed, this seems to be a popular hobby.
>
>> What I would like to to is reduce the amount of bounce messages by
>> verifying that the recipient address is valid on our system before
>> accepting the message.
>
>Take care that you don't simply hand the spammers an address-checking
>facility for laundering their dirty lists.


Here's a silly thing to do if you care[1] that much:

(NB this can make the RCPT ACL be half of your configuration file if you
use a lot of RBL-style lists)

    accept    local_parts = postmaster : abuse
        domains = +local_domains : +relay_domains


    deny    hosts = +rbl_hosts
        !verify = recipient
        message = $sender_host_address is in RBL; \
            see http://mail-abuse.org/ or mail abuse@REAL_DOMAIN
        log_message = said RBL; really[2]
        dnslists = rbl-plus.mail-abuse.org = \
            127.1.0.1, 127.1.0.3, 127.1.0.5, 127.1.0.7


    warn    message = X-RBL-Warning: $sender_host_address is in RBL; \
            see http://mail-abuse.org/
        log_message = found in RBL
        dnslists = rbl-plus.mail-abuse.org = \
            127.1.0.1, 127.1.0.3, 127.1.0.5, 127.1.0.7


[1] your caring involves doing DNS lookups you might not otherwise have
done, just to provide a possibly misleading (though possibly not false)
reason for your rejection!

[2] this gives log lines of the form

H=(yahoo.ca) [217.141.233.66] F=<patricehari@???> rejected RCPT
<saj1@???>: said RBL; really: Unrouteable address