On Fri, Oct 10, 2003 at 12:33:53PM +0100, Philip Hazel wrote:
> On Fri, 10 Oct 2003, Jez Hancock wrote:
> > After running 'exim -d -bvs local_part@domain' it seems that exim is
> > only checking to see if 'domain' exists and if so the verification
> > succeeds. What am I missing here?
>
> If it's a remote domain, that is all that will happen for -bvs, which
> just runs the routers in verify mode. If you want to check local parts,
> you have to use the "callout" options in ACLs. There isn't a simple
> command-line option for doing that kind of check. Maybe there should
> be...
Ah I thought that might be the case. I'd read through the section in
the book about callout verification in ACLs (chapter 14?) and presumed
that the same kind of local part check was performed using -bvs for a
remote domain.
I do have callouts in my ACLs which work perfectly, but recently I've
been receiving a lot of spam with forged yahoo.com from addresses
(another story:=) and the query came up when I tried to verify using
-bvs. Yahoo seems to let some invalid users through in exim's callout
verification for some reason.
Would it be a lot of bother in any way to add remote sender verification
when exim is invoked with -bvs? If not can I add it to the wishlist? :)
--
Jez Hancock
- System Administrator / PHP Developer
http://munk.nu/