[Exim] verivy does not work

Top Page
Delete this message
Reply to this message
Author: sharun
Date:  
To: exim-users
Subject: [Exim] verivy does not work
I have exim-4.12 with latest exiscan.
Here is my acl_check_rcpt acl:

acl_check_rcpt:
  accept  hosts = :
  deny  local_parts     = ^.*['@%!/|]
            domains     = +local_domains
            message     = <$local_part@$domain>... malformed address


  deny  local_parts     = ^mailer-daemon[0-9]+
            domains     = +local_domains
            message     = Massive SPAM wave with From: mailer-daemonXXXXX@??? does not originate from ukr.net


  deny      message     = HELO/EHLO required by SMTP RFC
          condition     = ${if eq{$sender_helo_name}{}{yes}{no}}


  deny      message     = Invalid HELO/EHLO given
         !condition     = ${if match{$sender_helo_name}{\\\.}{yes}{no}}


  deny    condition     = ${if eq{$sender_address_local_part}{offer}{yes}{no}}
            message     = rejected: no offers here.
  deny    condition     = ${if eq{$sender_address_local_part}{offers}{yes}{no}}
            message     = rejected: no offers here.
  deny    condition     = ${if eq{$sender_address_local_part}{offerz}{yes}{no}}
            message     = rejected: no offers here.
  deny    condition     = ${if eq{$sender_address_local_part}{bounces}{yes}{no}}
            message     = rejected: no bounces here
  deny    condition     = ${if eq{$sender_address_local_part}{bounce}{yes}{no}}
            message     = rejected: no bounces here
  deny    condition     = ${if eq{$sender_address_local_part}{anonymous}{yes}{no}}
            message     = rejected: anonymous sender not welcome here.
  deny    condition     = ${if eq{$sender_helo_name}{yahoo.com}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{localhost.localdomain}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{aol.com}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{163.com}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{lycos.com}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{netscape.com}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{netscape.net}{yes}{no}}
          message       = UCE not allowed
  deny    condition     = ${if eq{$sender_helo_name}{mail.ru}{yes}{no}}
          message       = UCE not allowed
  deny    message       = Only one receipient accepted for NULL sender
          senders       = :
          condition     = ${if >{$rcpt_count}{1} {1}}
  deny    condition = ${if eq{$sender_helo_name}{ukr.net}{yes}{no}}
          message       = Wrong HELO/EHLO given.
  deny    condition = ${if eq{$sender_helo_name}{mx-1.ukr.net}{yes}{no}}
          message       = Wrong HELO/EHLO given.
  deny    condition = ${if eq{$sender_helo_name}{212.42.65.67}{yes}{no}}
          message       = Wrong HELO/EHLO given.


  accept  local_parts   = postmaster:rbl-remove:abuse
          domains       = ukr.net


  deny    sender_domains= +BAD_DOMAINS
          message       = rejected: sender domain blacklisted


  deny    senders       = +BAD_MAILFROM
          message       = rejected: sender blacklisted


  deny    hosts         = +BAD_HOSTS
          domains       = +local_domains
          message       = rejected: $sender_host_address blacklisted


  deny    message       = Stop! http://rbl.ukr.net/cgi-bin/view.cgi?$sender_host_address
          dnslists      = rbl.ukrnet


  deny    domains       = ukr.net
          sender_domains= +CALLBACK_DOMAINS
          !verify       = sender/callout=20s/no_details
          message       = rejected: sender not available


  require verify        = sender


  accept  domains       = ukr.net
          condition     = ${lookup{$local_part}lsearch{/usr/exim4/tables/UKR.NET-ROUTING}{yes}{no}}
  deny    domains       = ukr.net
          !condition    = \
${lookup mysql{select username from user where username='$local_part'}{yes}{no}}
          message       = <$local_part@$domain>... no such user
          delay         = ${eval: $rcpt_fail_count * 1}s


  deny    domains       = ukr.net
          condition     = \
${lookup mysql{select flags from user where username='$local_part' and \
(flags=8 or flags=10 or flags=64)}{yes}{no}}
          message       = \
<$local_part@$domain>... ${lookup{${lookup mysql{select flags from user where username='$local_part' and \
(flags=8 or flags=10 or flags=64)}}}lsearch{/usr/exim4/tables/FAILURE}}


  accept  senders       = :
          domains       = +local_domains


  accept  domains       = ukr.net
          endpass
          verify        = recipient
  accept  hosts         = +relay_from_hosts


  deny    message       = Relaying denied



So, any of "verify" does not work at all.
verify stop working (IMHO) in 4.12 with this config
Putting verify on top does not have any effects. Changing sender_domains to
manual list (sender_domains=hotmail.com) and future check shows,
that verify still not work with 100% nonexistent mail_from @hotmail.
Why 2 verify ? Because I need to check few domains with callback,
and all for MX/A.

On my workstation (same exiscan and exim) verify work great, but
only with 7 rulesets in acl

--
VVS56-RIPE