Re: [Exim] Conditional callout

Top Page
Delete this message
Reply to this message
Author: Nico Erfurth
Date:  
To: Russell Wilton
CC: exim-users
Subject: Re: [Exim] Conditional callout
Russell Wilton wrote:
> Environment: Exim Ver 4.05 on RedHat linux Ver 7.2
>
> This may be obvious, but it is possible to do a "verify sender/callout"
> for specific domains only. We found that spammers forging return
> addresses almost always use one of the big domains like hotmail, aol,
> excite, etc., which respond properly to a callout. So I added a deny
> command to my RCPT ACL to just do callouts for them and let everything
> else pass:
>
> deny    sender_domains = +callout_domains
>         message = We block non-existent senders.
>         !verify = sender/callout

>
> The callout_domains list is the list of big domains that I want to do
> callouts for. This is blocking about 1000 spam messages a day for us,
> out of our normal input of about 25,000, so it seems to be pretty
> effective.


Have you tested it?
I have the same setup, and it works great for me ;)
deny    message = Unroutable sender address
         log_message = Unroutable sender address while callout verify
         condition = ${lookup {$sender_address_domain} cdb \
                           {/etc/exim/calloutdomains.cdb}{yes}}
        !verify = sender/callout=20s/callout_defer_ok



So yes, this works, as long as it is in the right place in your acl.

Btw: Can you send me your list for callout_domains please?

ciao