Re: [exim] callout ACLs

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMIan P. Christian at <-
MJakob Hirsch at ->
Delete this message
Reply to this message
Author: Ian P. Christian
Date:  
To: exim users
Subject: Re: [exim] callout ACLs
2009/2/5 Ian P. Christian <pookey@???>:
> I'm trying to build up some ACLs to do recipient callout verification
> for domains we route to.
>
> Initially, I want to see if it's a domain with a catch-all, if it is
> we can remember that fact, and not need to redo the callout everytime.
>
> If that fails for whatever reason, I don't want a defer, or a deny, it
> should just continue to the next ACL.

This issue is caused by the following documented behavior:

Section 40.41:
'If the response to the RCPT command is a 2xx code, the verification
succeeds. If it is 5xx, the verification fails. For any other
condition, Exim tries the next host, if any. If there is a problem
with all the remote hosts, the ACL yields "defer", unless the defer_ok
parameter of the callout option is given, in which case the condition
is forced to succeed. '

This seems to limit me for when you don't want it to accept, deny or
defer, but rather to fall though to the next ACL.

Also, I'm having issues dealing with callouts that fail due to
connectivity/dns issues - as shown below (trying with both defer_ok,
and without it) I'm unable to deal with this condition. 

  warn
          !verify       = sender/callout=1m,defer_ok
          set acl_m1    = $acl_verify_message
          set acl_m2    = $sender_verify_failure


  warn
          log_message   = moo :: $acl_m1 :: $acl_m2



15695 Connecting to test.com [205.178.152.103]:25 ... failed: Connection refused
15695 ----------- end verify ------------
15695 verify defer overridden by callout_defer_ok
15695 warn: condition test failed
15695 processing "warn"
15695 warn: condition test succeeded
15695 LOG: MAIN
15695 H=my.machine (moto) [...] Warning: moo :: :: 



  warn
          !verify       = sender/callout=1m
          set acl_m1    = $acl_verify_message
          set acl_m2    = $sender_verify_failure


  warn
          log_message   = moo :: $acl_m1 :: $acl_m2


15697 Connecting to test.com [205.178.152.103]:25 ... failed: Connection refused
15697 ----------- end verify ------------
15697 warn: condition test deferred
15697 LOG: MAIN
15697 H=my.machine (moto) [...] Warning: ACL "warn" statement
skipped: condition test deferred: Could not complete sender verify
callout
15697 processing "warn"
15697 warn: condition test succeeded
15697 LOG: MAIN
15697 H=my.machine (moto) [...] Warning: moo :: ::


I'd greatly appreciate any pointers. Thanks,

Ian

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] callout ACLsRe: [exim] callout ACLs->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)