On 2011-07-21 at 09:54 +0100, Tim Watts wrote:
> The redirect router is less desireable as I have to handle mail I no
> longer want instead of being able to reject it at SMPT time (whereby the
> spammer who now has it might stop bothering me).
Err, no.
There are typically two runs through the Routers. One of them is a
"verify" run, then comes the delivery run. This is why you can tag
individual Routers with "no_verify".
As long as your RCPT ACL includes a step which does
verify = recipient
then there will be a verify run through the Routers. If you've removed
this step from the RCPT ACL then I *strongly* advise putting it back, as
this is what keeps you from emitting backscatter.
So I'd have a Router along the lines of (untested):
user_blacklist:
driver = redirect
domains = +local_domains
local_part_suffix = -*
check_local_user
verify_only
allow_fail
require_files = $home/.email_blacklist
condition = ${lookup{$local_part_suffix}lsearch{$home/.email_blacklist} {yes}{no}}
data = :fail: ${lookup{$local_part_suffix}lsearch{$home/.email_blacklist} \
{${if def:value {$value}{address invalid}}}{address invalid}}
Note that the lookup result should be cached, so in reality the file is
only scanned once.
Regards,
-Phil
