Re: [exim] verify_sender

Pàgina inicial
Delete this message
Reply to this message
Autor: W B Hacker
Data:  
A: exim users
Assumpte: Re: [exim] verify_sender
Russell Robinson wrote:
> Hi,
>
> I've been using exim 4.43 on Centos 4 (4.8) for many years.
>
> I've got:
>     require verify = sender

>
> and I've assumed it's been working OK.
>
> Recently tested: it always succeeds - i.e. allows invalid senders.


*where* in your acl phases, are you calling it?

>
> This is causing major problems.
>
> I note a setting called:
>     sender_verify

>
> but "exim -bV" says that's an invalid config.
>
> The exim doco for version 4 says it should be there.
>
> What's the story with this?
>
> I tried building 4.71 on Centos, but there were too many problems.
>
> Updating the OS is a major task, so how can I get sender_verify to work?
>


Short answer is 'you cannot'. Not with enough reliability to matter.

Best use is within a grouping of MTA/relays that are all part of a cooperative
group - eg - single-control 'pool', or an affinity group, such as a globally
distributed F/OSS software project, a body corporate, an institution - anywhere
'family members' are expected to present credentials to be allowed to pass, and
the Sysadmins have agreed on how so.

Doing sender verification attempts to any correspondent MTA with which you do
NOT have such an expectation in-place - read 'the world at large' - will seldom
get you a reliable response.

... and may get your calling MTA blacklisted for what some sysadmins consider
unwelcome probes - even abuse of their resources.

BTW - You should be at not less than 4.6X if 4.7X will not build for you.

4.43 is pretty stale, and there are both needful new features and bug/security
fixes since it was current.

Many such.

HTH

Bill Hacker