In case it affects anyone else: be careful with callouts.

I used to have this in my check_recipient acl:

  require verify = sender/callout=20s,random,postmaster
  require verify = recipient/callout=20s,random
  accept  domains = +local_domains
  accept  domains = +relay_domains
  accept  hosts = +relay_hosts
  deny    message = relay not permitted

Then I got a MAIL FROM:<somelocalpart@???>

Exim did a callout to the primary (only) MX for that domain, 127.0.0.3,
and spoke to another instance of itself. It sent MAIL FROM:<> and RCPT
TO:<somelocalpart@???>

The second instance of Exim did a callout to 127.0.0.3 again to verify
the recipient...

Repeat until Exim stops accepting connections because there are too many
concurrent SMTP sessions. :)

Exim probably shouldn't do callouts to the local host. Doesn't it
already have logic to prevent sending mail when a higher priority MX
host turns out to be the local host?

For now, I've adjusted the ACL as follows:

  require verify = sender/callout=20s,random,postmaster
  accept  domains = +local_domains
          verify = recipient
  deny    domains = +local_domains
          message = Unknown recipient
  accept  domains = +relay_domains
          verify = recipient/defer_ok/callout=20s,random,defer_ok
  deny    domains = +relay_domains
          message = Unknown recipient at target domain
  accept  hosts = +relay_hosts
          verify = recipient/callout=20s,random
  deny    hosts = +relay_hosts
          message = Failed to verify recipient
  deny    message = relay not permitted

--
dwmw2
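
A toy model of the loop described in the message above, added here as an illustration; it is not part of the original post and not Exim code. It compares the order of checks in the two ACLs for a domain whose only MX is a loopback address. The domain names, the session limit of 20, and the empty local_domains/relay_domains/relay_hosts sets are assumptions made for the example, and the random and postmaster callout probes are left out.

```python
"""Toy model of the recipient-callout loop (added example, not Exim code)."""
import ipaddress

# Constructed sample data: one domain whose only MX is loopback, one remote.
MX = {"looped.example": "127.0.0.3", "remote.example": "192.0.2.10"}
LOCAL_DOMAINS = set()   # assumption: the looped domain is not a local domain
RELAY_DOMAINS = set()   # assumption: ... and not a relay domain
RELAY_HOSTS = set()     # assumption: the calling host is not a relay host
MAX_SESSIONS = 20       # constructed limit on concurrent SMTP sessions


class TooManySessions(Exception):
    """Raised when the nested callouts exceed MAX_SESSIONS."""


def callout(domain, acl, depth):
    """Callout to the MX; a loopback MX means the server talks to itself."""
    if not ipaddress.ip_address(MX[domain]).is_loopback:
        return True, depth  # a remote host answers; modelled as success
    return rcpt(domain, "127.0.0.1", acl, depth + 1)


def rcpt(domain, client, acl, depth):
    """Handle RCPT TO:<x@domain>; return (accepted, deepest session used)."""
    if depth > MAX_SESSIONS:
        raise TooManySessions(depth)
    if acl == "old":
        # Old ACL: the recipient callout runs before any domain or host test.
        ok, deepest = callout(domain, acl, depth)
        relay_ok = domain in LOCAL_DOMAINS | RELAY_DOMAINS or client in RELAY_HOSTS
        return ok and relay_ok, deepest
    # New ACL: local domains are verified without a callout (modelled as accept).
    if domain in LOCAL_DOMAINS:
        return True, depth
    # New ACL: a callout is only reached inside a relay branch.
    if domain in RELAY_DOMAINS or client in RELAY_HOSTS:
        return callout(domain, acl, depth)
    return False, depth  # deny: relay not permitted


def sender_callout(domain, acl):
    """Session 1 receives MAIL FROM:<x@domain> and starts the sender callout."""
    try:
        return callout(domain, acl, 1)
    except TooManySessions as exc:
        return "exhausted", exc.args[0]
```

With the old ordering the model runs into the session limit; with the adjusted ordering the nested session answers "relay not permitted" and the chain ends after two sessions.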