Re: [Exim] Help with acl_check_rcpt

Top Page
Delete this message
Reply to this message
Author: Andreas Metzler
Date:  
To: exim-users
Subject: Re: [Exim] Help with acl_check_rcpt
On 2004-07-06 Graham Dodd <g.dodd@???> wrote:
> I'm still battling unknown recipients and would appreciate help from the
> experts.
>
> I have the following:
>
>   accept  domains       = +local_domains
>           endpass
>           verify        = recipient

>
> which I understand to mean: If it's a local domain and the user is not
> verified then deny, if it's not a local domain then go to next ACL.


correct. with "the user is not verified" meaning that exim checks
whether it can deliver the mail or not, i.e. usually whether the
local user exists.

> The problem with this is exim will then attempt to return the email
> to sender (but what if the sender isn't valid)


No. There is no mail to return. We are simply rejecting RCPT TO.

> What I want to do is drop if it's a local domain and the sender is not
> verified, so:


"drop" does drop the connection.

>   drop  domains = !+local_domains
>         verify  = recipient
>         message = unknown user


> But if it's a relay_to_domain then it gets dropped .....oops
>
> So I was thinking of:
>
>   drop  domains = !+local_domains: !+relay_to_domains
>         verify  = recipient
>         message = unknown user

>
> Does this make sense or do I need to keep reading the book


No it does not make sense. It will drop the connection if a mail is
received that is targeted at domains if the recipient *can* be
verified and the recipient is not listed in local_domains or
+relay_to_domains.

As you probably hav a router to deliver remote mail recipient
verification will always suceed and therefore all non-local mail (even
outgoing) will be dropped.
              cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"