Morten W. Petersen wrote:
> Hi,
>
> I have a server setup with Exim 4, which acts as a greylisting
> relay in front of the "real" mail system.
>
> This works well (extremely well in fact), but I have a little
> problem with the mail queue growing to 10000+ frozen messages,
> frozen because the "real" mail system either rejects the recipient
> or because it refuses to act as a relay (the greylisting relay
> accepts everything and forwards it to the real mail system).
>
> So, is it possible to have the greylisting relay discard messages
> that are rejected with a 550 relay not permitted / unknown user
> immediately, or after lets say 2 tries?
You should really be doing a recipient callout at RCPT time so that you
can reject bad recipient before accepting the message and causing a
billion message of collateral spam. Or better still, give your front
line server the intelligence to know all the valid accounts. I'm
surprised some spamming prick hasn't already abused your server to send
bounce spam.
Accepting everything is bad, mkay?
A little bit snipped from my acl_check_rcpt config (ahhh evil! It used
endpass which is supposedly A Bad Thing because it's confusing..), with
the callout stuff added on.
accept domains = +relay_to_domains
endpass
verify = recipient/callout=10s,defer_ok
All details are neatly posted in the user manual which you might want to
check out as there quite a few more options you might need if you
internal mail server is brain dead at all. If it is a mail server that
accepts all recipients and bounces bad ones, you'll need to turn on
recipient checking there too :P Exchange has/had that questionable
behaviour by default.
http://www.exim.org/exim-html-4.66/doc/html/spec_html/index.html#toc0340
Good luck!
Ted.
