On 2011-09-07 at 16:50 +0100, Christian Gregoire wrote:
> Actually, in Graeme example (below), I can't see where Exim retrieves the relay
> host(s) to check against.
>
> warn domains = +filter_domains:+relay_to_domains
> !verify = recipient/callout=30s,defer_ok,no_cache,use_sender
> set acl_m_VER = REJ--RR6: $acl_verify_message
>
> deny message = Recipient verification failed.
> condition = ${if !eq{$acl_m_VER}{}}
>
> Can you explain please ?
An Exim "verify" run goes through the Routers in order, testing them in
"verify" mode. It skips those with "no_verify" (as opposed to actual
routing, which skips those with "verify_only").
By default, when Exim encounters an smtp transport, it stops at that
point and considers an address verified. The "/callout" means "try the
transport in callout mode" (which is much more limited).
So "verify = recipient" -> "verify = recipient/callout" means that
verification will include making SMTP connections, as warranted.
Thus the importance of using some "domains" restrictions, to keep from
being abusive.
-Phil
