Todd Lyons wrote:
> On Mon, May 23, 2011 at 5:13 AM, Graham Butler<g.butler@???>
> wrote:
>> I am currently looking into adding 'require verify = sender', with
>> no callouts, to our Exim configuration. Unfortunately, my manager
>> went to a conference last week and was informed that adding 'verify
>> sender' was not very wise and could lead to the rejection of
>> legitimate emails.
>
> Add: verify = sender ..and not: verify = sender/callout
>
> Read sections 40.23 and 40.40 - 40.45 for explanations.
>
> Your manager probably things "verify=sender" is "verify with
> callouts". That's not what the basic verification does. With
> verify=sender, you get two basic checks: 1) if it's a local address
> that's sending, it determines this because the address (local_part
> and domain) exists locally. 2) If it's not local, then it must be
> remote and verifies that dns says the domain exists.
>
> Read those sections in Chapter 40 because there is more going on than
> just that.
>
Argghh!
Thanks for that, Todd. I've just stepped in the same ass u me ption!
This sort of thing has happened so often that it might save a good deal
of heat to change the code w/r titles of the invoking knobs, as in:
verify = sender morphs to: verify = sender_route
(no longer possible to option a 'callout', timeout still optional)
verify = sender/callout morphs to: Verify = sender_contact
(no longer possible to NOT do the callout, timeout still optional)
Not sure if the FIRST form even has a place at the table so long as we
still have:
verify = reverse_host_lookup
Bill
韓家標
