On 2007-09-10 at 07:11 +0200, Steen Eugen Poulsen wrote:
> I have a mail server thats the front door and a semi hidden real mail
> server for it to hand off the mail to.
>
> So I want it to do
>
> accept domains = +gateway_for_domains
> endpass
> message = unroutable address
> verify = recipient
>
> off course since localhost is main MX, that breaks and all the ways I can
> find to modify the MX, isn't accepted in accept acl's.
(1) You route the +gateway_for_domains separately in the Routers
section, before the send-to-MX router. Look at the "manualroute"
driver. Something like (untested):
internal_handoff:
driver = manualroute
domains = +gateway_for_domains
transport = remote_smtp
route_data = my.internal.mail.hostname
no_more
(2) To make it actually talk to a remote server to verify the address,
if that's what you're trying to do, you need the ACL to have:
"verify = recipient/callout=<some.options.here>"
(see: 40.37 Additional parameters for callouts)
What you have now verifies the recipient with locally configured data;
that's a better idea, if you have the data available, but you don't
mention it so I'm covering callout in case that's what you need. Local
verification is better because Exim is a pretty scalable service and
able to do pretty much any kind of recipient verification, if you
configure it right, which means that a heavy zombie spam run won't
overload the internal hidden server with verification duties.
Regards,
-Phil
