[Exim] inconsistency with "verify = sender" and sender verif…

Top Page
Delete this message
Reply to this message
Author: Joerg Pichel
Date:  
To: exim-users
Subject: [Exim] inconsistency with "verify = sender" and sender verify cache
Hi,

recently we received an email with four recipients. But only the first one
got the message. The other "RCPT TO: <...>" where rejected with "550
Sender verify failed".


I use exim 4.12 with a RCPT ACL where you can find

  require message = sender verify failed
          verify  = sender


  warn message = X-Verify-Warning: Envelope sender ($sender_address) can not be verified (callout failed)
      !verify  = sender/callout



I inspected the log files and the config and came to the following
conclusion: exim has a caching problem with sender verify results.

Here my thoughts about how exim works:

During first "RCPT" the senders domain is tested by
    "require verify = sender"


this gives an "OK". Further on the callout
    "warn verify = sender/callout


failed but gives only a warning. The first "RCPT TO: <recipient-one>"
gets "250 OK" but the sender is marked with "verification failed" in
the sender verify cache.

When the second "RCPT TO: <recipient-two>" arives the verification cache
reads "sender verification failed" and therefore the
    "require verify = sender"


gives "FAILED" and the "RCPT" is rejected with "550 sender verify failed".


Any other ideas/solutions/patches?


Joerg Pichel


--
Joerg Pichel                  mailto:joerg.pichel@sdm.de
sd&m AG                       http://www.sdm.de
software design & management
Thomas-Dehler-Str. 27, 81737 Muenchen, Germany
Tel +49 89 63812-112  Fax -555