Re: [exim] Doing recipient verification earlier in the defau…

Top Page
Delete this message
Reply to this message
Author: Tony Finch
Date:  
To: exim-users
CC: Marc Haber
Subject: Re: [exim] Doing recipient verification earlier in the defaultconfig
On Tue, 25 Jul 2006, Philip Hazel wrote:
> On Mon, 24 Jul 2006, Marc Haber wrote:
>
> > I think that the same can be accomplished with the following ACL:


I suggest moving the anti-relaying check earlier, since it is very cheap.

> > (1) Accept local SMTP
> > (2) Deny restricted characters in recipient addresses
> > (3) Accept postmaster
> > (4) Verify Sender
> > (5) Accept relay_from_hosts
> > (6) Accept authenticated


require
message = Relaying is not permitted
domains = +local_domains : +relay_to_domains

> > (7) Deny invalid recipients ("deny !verify=recipient")


I have recipient verification after hte anti-spam checks, because it is
expensive for me - we use call-forward verification for addresses at
internal mail servers.

> > (8) DNS Black Lists
> > (9) CSA


accept everything at the end.

Tony.
--
<fanf@???> <dot@???> http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}