[exim] Contents of $acl_verify_message

Top Page
Delete this message
Reply to this message
Author: Michael Naef
Date:  
To: exim users
Subject: [exim] Contents of $acl_verify_message
Hi Folks

Situation
=========
We recently switched from "hard-SAV" (Sender Adress Verification)
where we reject mails on failure to "soft-SAV" where we tag them as
SAV-failed.

Motivation
==========
For our support departement it's very important to be able to see
*why* a message got taged or why not.

Details...
==========
Our hard-SAV setup was something like this:

---
mail_acl:
    [..]
    require verify = \
 sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s
    [..]
---


This lead to nice traces in the log where you can see what the
happened during the callout (even without log_message or similar):

H=(gaga) [1.1.1.1] sender verify fail for <ddas@???>:
response to "RCPT TO:<ddas@???>" from mail.adm.domain.ch
[2.2.2.2] was: 550 no such address here


Now we changed the mail_acl for the soft-SAV like this:

---
mail_acl:
    [..]
    warn   !verify  = \ 
sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s
    log_message = sender verify failed: $acl_verify_message 
    add_header = X-Sender-verification-failed-for: $sender_address
---


According to the exim docu "40.40 Address verification" [0] the
variable $acl_verify_message "contains the error message that is
associated with the failure". Also at other places in the same
document and in various threads on other mailinglists this variable
is believed by most to contain the error string as we had it in the
hard-SAV setup above. However it does not:

---
warn    !verify  = \
sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s,no_cache
    log_message = sender verify failed: HHH: $acl_verify_message
    add_header = X-Sender-verification-failed-for: $sender_address
---


>>> callout cache: disabled by no_cache
>>> interface=NULL port=25
>>> Connecting to mail.adm.domain.ch [2.2.2.2]:25 ... connected
>>> SMTP<< 220 mail.adm.domain.ch ESMTP Exim 4.69 Thu, 11 Mar

2010 19:49:09 +0100
>>> SMTP>> HELO mxin001.mail.otherdomain.ch
>>> SMTP<< 250 mail.adm.domain.ch Hello

mxin001.mail.otherdomain.ch [1.1.1.1]
>>> SMTP>> MAIL FROM:<>
>>> SMTP<< 250 OK
>>> SMTP>> RCPT TO:<dasd@???>
>>> SMTP<< 550 no such address here
>>> SMTP>> QUIT
>>> ----------- end verify ------------
>>> check add_header = X-Sender-verification-failed-for:

$sender_address
>>>                  = X-Sender-verification-failed-for: 

dasd@???
>>> warn: condition test succeeded

LOG: H=(gaga) [2.2.2.2] Warning: sender verify failed: HHH: Sender
verify failed
>>> processing "accept"


You see this is not exactly what we want. I know at this place
*that* SAV failed - but I want to know *why*.

Does anybody see what I don't see?

cheers, Michael

[0] http://exim.org/exim-html-
current/doc/html/spec_html/ch40.html#SECTaddressverification