Hi,
i have a question that to some might be an easy one but i've been battling with it and cant seem to get this working
What i would like to do is the following:
we are running a relay smtp cluster for our customer that obviously we allow them to relay. but in doing that you have customers that's mailserver gets compromised and hence them relaying all the spam thru to our enviroment. i want to do sender verification and if the sender doesnt verify i want exim to return the message with a 550 and ultimately can it.
so i have the following in my ACL
acl_check_rcpt:
# Deny unless the sender address can be verified.
require verify = sender/callout
deny message = X-Sender-Verify: FAILED ($sender_verify_failure)
log_message = Sender ($sender_address) could not be verified using callout: $acl_verify_message ($sender_verify_failure)
!verify = sender/callout=10s,random
warn message = X-Sender-Verify: SUCCEEDED (sender exists & accepts mail)
verify = sender/callout=10s,random
my question is:
1. is this the right way of doing it?
2. why am i not seeing this work. ive tested it with a non existent sender and the message gets accepted by exim
