Re: [exim] Limiting verification callouts to own hosts

Top Page
Delete this message
Reply to this message
Author: Tim Wilde
Date:  
To: Martijn Grendelman
CC: exim-users
Subject: Re: [exim] Limiting verification callouts to own hosts
Martijn Grendelman wrote:
>
> Well, the problem was, like I wrote earlier, that this server didn't
> really know which domains qualify for a callout and which don't.


So, your criteria for determining if you should do callout or not is
what, exactly? The lowest (numerical) preference MX record? If that's
the case, you could put a condition in your ACL statement before the
verify = recipient/callout... using a dnsdb lookup, as described at:

http://www.exim.org/exim-html-4.63/doc/html/spec_html/ch09.html#SECTdnsdb

You'd need to do some regex matching or something to determine which one
was the lowest pref MX, unless you would be satisfied enough just to
check that your primary mail server is somewhere in the results, in
which case it would be somewhat easier. It's going to be a chunk of
extra overhead to be doing these DNS queries all the time, of course,
but assuming your local resolver caches them, it shouldn't be too bad.

Regards,
Tim