Jamie Nudds wrote:
> --
> [ Picked text/plain from multipart/alternative ]
> Hi I am just checking to see if I have altered my ACL rigtht... I wanted to
> allow certain domains through even though they fail on the sender verify
> test.
>
> acl_check_rcpt:
> accept hosts = :
> etc..
>
> require verify = sender/callout/callout_defer_ok
> accept sender_domains = !allow.com : !domain-allow.com
> accept domains = +local_domains
> endpass
> message = unknown user
> verify = recipient
>
> Is that okay?
No, it's wrong
require verify = sender/callout/callout_defer_ok
This will deny when the callout fails.
If you don't want to exclude domains from the callout, use this:
deny !domains = allow.com : domain-allow.com
!verify = sender/callout,defer_ok
If you want to do the callout in ANY case, but want to allow some
specific domains to go through, even if the callout fails, use this
deny !verify = sender/callout,defer_ok
!domains = allow.com : domain-allow.com
