On my secondary machine I want to verify recipients
just as if the message was being delivered to my primary.
Is the best method to use a callout?
I've modified the acl_check_rcpt ACL like:
accept domains = +relay_to_domains
endpass
message = unrouteable address
verify = recipient/callout=15s,defer_ok
I want to reject mail right away instead of bouncing when delivered to
the primary.
With my exim3 setup, *@<relay_domains> was accepted on the secondary. That lead
to frozen messages on the primary when bounces could not be delivered.
I'm also using:
deny !acl = acl_whitelist_local_deny
!verify = sender/callout=20s,defer_ok
so maybe that's enough and let the primary bounce if the recipient
doesn't verify.
Other then the cost of the callout to the primary, is there anything
wrong with using the recipient callout?
This is on a small network, and my secondary really is more of a
backup/mirror of the primary. The hope is if the primary fails I could
reasonably quickly reset the backup as the primary machine (change IP
and names, etc.).
The primary and secondary have basically the same exim4.conf config,
except one has the domains listed as local_domains and the other as
relay_to_domains. So, the secondary actually knows enough to verify the
recipient without doing a callout.
If my primary fails and mail queues on the secondary, will exim deliver
locally (on the secondary) if I use the primary's exim.conf on the
secondary and restart exim?
Thanks,
--
Bill Moseley
moseley@???