Aren't you sending from a $sender_address which is in the whitelist?
Using this ACL:
# Whitelist on mailbox level
accept
message = Sender $sender_address is in local Whitelist
condition = ${if !eq {}{${lookup pgsql {SQL_WHITELIST}}}}
You may also have the check disabled in you pgsql in the condition statememt
condition = ${if eq {t}{${lookup pgsql {SQL_VERIFY_SENDER}}}}
Erwin Ambrosch|XHOSTPLUS wrote:
> Hi,
>
> here my ACLs. I do not send from localhost to test this issue.
>
> begin acl
>
> # ACL that is used after the RCPT command
> check_recipient:
>
> accept
> hosts = 127.0.0.1/24
>
> # Whitelist on mailbox level
> accept
> message = Sender $sender_address is in local Whitelist
> condition = ${if !eq {}{${lookup pgsql {SQL_WHITELIST}}}}
>
> # Blacklist on mailbox level
> deny
> message = Sender $sender_address is in local Blacklist
> condition = ${if !eq {}{${lookup pgsql {SQL_BLACKLIST}}}}
>
> deny local_parts = ^.*[@%!/|]
>
> # If user defiend just verifying the domain
> deny !verify = sender
> condition = ${if eq {t}{${lookup pgsql
> {SQL_VERIFY_SENDER_DOMAIN}}}}
>
> # If user defiend verifying the whole address
> deny !verify = sender/callout=15s
> condition = ${if eq {t}{${lookup pgsql {SQL_VERIFY_SENDER}}}}
>
> accept domains = +local_domains
> endpass
> # Otherwise the RCPT TO command alway retuns "250 Accepted"
> # because the verify condition just works with files.
> # If not checking this, mails which can not be sent back to
> the sender
> # remain in the queue until the retry time is passed.
> condition = ${if eq {}{${lookup pgsql
> {SQL_Q_ACL_MAIL_BOX}}}{no}{yes}}
> message = unknown user
> # Verifing the recipient is no longer neccessary, because
> # we are using the condition constraint.
> #verify = recipient
>
> accept authenticated = *
>
> deny message = relay not permitted
> log_message = relay not permitted
>
> # ACL that is used after the DATA command
> check_message:
> accept authenticated = *
> accept
>
>
> Thanks for helping me!
>
> Regards
> Erwin
>
>
> Renaud Allard schrieb:
>>
>> Erwin Ambrosch|XHOSTPLUS wrote:
>>> Hi All,
>>>
>>> I've exim4 configured to do a verify = sender/callout=15s and it
>>> works for sender which domain is not in the list of local_domains. If
>>> an E-Mail is sent with the domain_part existing in the local_domains,
>>> it exim4 doesn't perform the sender/callout verification.
>>>
>>> Here my ACLS effected by this issue:
>>>
>>> deny !verify = sender/callout=15s
>>>
>>> accept domains = +local_domains
>>> endpass
>>> verify = recipient
>>>
>>
>> The order of the ACLs is very important. Are you sure you aren't sending
>> mail from an IP accepted in a former ACL? You should send your full
>> config (at least the ACL part) for us to help you efficiently.
>>
>
--
010100100110010101101110011000010111010101100100
010000010110110001101100011000010111001001100100
