Re: [exim] Recipient verification

Pàgina inicial
Delete this message
Reply to this message
Autor: Heiko Schlittermann
Data:  
A: exim-users
Assumpte: Re: [exim] Recipient verification
Hello Raymond,

Raymond Jette <rjette@???> (Mi 27 Jan 2010 18:38:22 CET):
> At times I am getting frozen messages in the queue. I am getting these
> messages because I am not doing recipient verification for hosts listed
> in relay_from_hosts. I am having trouble figureing out how to do this.
> Currently I have the folllowing:


If you want to do recipient verification for your submitters depends on
the way they can handle rejects at SMTP time. Most MUA are lost when
they're face with some rejects in huge recipient lists. (More precisely:
not the MUA is lost, the human using the MUA is mostly help- and
clueless…) For our MUA submitters we *accept* everything, but we do our
best do be sure about the senders address, so the chances are small,
that we can't deliver the NDN.

> acl_check_rcpt
>
> accept hosts = :
>
>   accept hosts = +relay_from_hosts
>              control = submission

>
>   require message = relay no permitted
>         domains = +local_domain : +relay_to_domains

>
> require verify = recipient/callout
>
>
>
> I would like to do recipient/callout if the user is listed in
> +relay_from_hosts but i'm not sure the best way to go about doing it. I
> tryed googleing for it but have come up with very little information.


Depending on the rest of your configuration you could just move the
"require verify = recipient/callout" up and place it *before* accepting
from the +relay_from_hosts.

    accept hosts = :


    require verify = recipient/callout


    accept hosts = +relay_from_hosts
               control = submission


    require message = relay no permitted
          domains = +local_domain : +relay_to_domains



But this allows other peple to use your box for verification purpose
against all domains.

So probably the following could be a starting point:

    accept hosts = :


    accept hosts    = +relay_from_hosts
           verify   = recipient/callout
           control  = submission


    require     message = relay no permitted
                domains = +local_domain : +relay_to_domains


    require      verify = recipient/callout



    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann HS12-RIPE -----------------------------------------
 gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
 gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2  7E92 EE4E AC98 48D0 359B -