Re: [exim] verify recipe when forwarding for a non MX host

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Steen Eugen Poulsen
CC: exim-users
Subject: Re: [exim] verify recipe when forwarding for a non MX host
On 2007-09-10 at 07:11 +0200, Steen Eugen Poulsen wrote:
> I have a mail server thats the front door and a semi hidden real mail
> server for it to hand off the mail to.
>
> So I want it to do
>
> accept domains = +gateway_for_domains
> endpass
> message = unroutable address
> verify = recipient
>
> off course since localhost is main MX, that breaks and all the ways I can
> find to modify the MX, isn't accepted in accept acl's.


(1) You route the +gateway_for_domains separately in the Routers
    section, before the send-to-MX router.  Look at the "manualroute"
    driver.  Something like (untested):


    internal_handoff:
      driver = manualroute
      domains = +gateway_for_domains
      transport = remote_smtp
      route_data = my.internal.mail.hostname
      no_more


(2) To make it actually talk to a remote server to verify the address,
    if that's what you're trying to do, you need the ACL to have:
     "verify = recipient/callout=<some.options.here>"
    (see: 40.37 Additional parameters for callouts)


What you have now verifies the recipient with locally configured data;
that's a better idea, if you have the data available, but you don't
mention it so I'm covering callout in case that's what you need. Local
verification is better because Exim is a pretty scalable service and
able to do pretty much any kind of recipient verification, if you
configure it right, which means that a heavy zombie spam run won't
overload the internal hidden server with verification duties.

Regards,
-Phil