On Sun, Nov 25, 2007 at 10:59:58PM -0700, Jarom Hatch wrote:
> I am working on an existing exim config file that has been tweaked to no
> end. My goal is to reject email addressed to non-existent users at SMTP
> time using ACLs and return a "no such user" error to the originating
> server. But I'm having trouble getting it to work.
Ensure non-existent users do not route, then add "require verify = recipient"
in the RCPT ACL. For more information, either read the manual, or search the
archives, or read the FAQ (
http://wiki.exim.org/FAQ/) - this question has been
answered countless times before.
As for defending against dictionary attacks: fix the above part first, and the
dictionary attack problem will become much easier. Again, there are mentions
of this in the FAQ and in the archives, but if you still need a pointer, ask
again after you've fixed the "verify" part.
Good luck,
--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey