Re: [exim] Recipient verification doesn't work at SMTP time

Top Page
Delete this message
Reply to this message
Author: Alexander Stintzing
Date:  
To: exim-users, exim-users
Subject: Re: [exim] Recipient verification doesn't work at SMTP time
Okok,

I misunderstood this no_verify option.
Adding this to the spam-router works as expected.

Thank you very much!

Alexander Stintzing schrieb:
> Hello Phil,
>
> thanks for your reply!
>
> The background of this setup is a per-domain-bayes db. I use the
> exiscan-solution with other setups, but in this special case I couldn't
> find a way to seperate the databases per domain by exiscan.
>
> So, for all domains, I added an system-user with the same name, so every
> (system)user/domain has its own db. The spamc uses this users for
> learning and checking.
>
> I bought the exim-book (Official Guide for Release 4) to get deeper, but
> I don't understand, why the ACl doesn't work. I explicitly set
> "verify_recipient" in the spamcheck routers, but this doesn't do anything.
>
> I also defined a router directly after the dnslookup with verify_only
> and pass_router = spamcheck, but mails to a non existent user have been
> accepted.
>
> Perhaps there is another solution for a per-domain-bayes-check? Perhaps
> with exiscan? I didn't find some.
>
> At the moment I got stuck.
>
> Phil Pennock schrieb:
>
>> On 2008-09-01 at 19:44 +0200, Alexander Stintzing wrote:
>>
>>
>>> I set up an exim with virtual users stored in a MySQL-Database. When I
>>> send a message to existentuser@??? it is scanned and delivered
>>> correctly. But when I send a message to nonexistent@??? which
>>> should be rejected immediately, it will be accepted at first, then it's
>>> spam-scanned and after that, Mail delivery failed: returning message to
>>> sender.
>>>
>>> Perhaps somebody will find the error:
>>>
>>>
>> The spam routers accept all mail, so all addresses will verify.
>>
>> The entry in the ACL used for acl_smtp_rcpt which includes "verify =
>> recipient" will not use the Routers marked no_verify for determining
>> whether or not an address exists. However, if you do this then you'll
>> accept spam and generate a bounce, producing backscatter.
>>
>> In simple configurations, you can get away with reproducing the
>> recipient verification checks on the spam Router which accepts mail, so
>> that it only accepts mail for those who would have been accepted anyway.
>> This might be awkward with your setup.
>>
>> Which is why spam-scanning is really best not done by Routers, but in
>> the ACL logic. You're using spamc to use spam-assassin as a client; you
>> should look at setting spamd_address instead and then the 'spam'
>> condition in an ACL.
>>
>> Read http://wiki.exim.org/ExiscanExamples to get some ideas of what you
>> could be doing.
>>
>> -Phil
>>
>>
>>
>
>
>