On 27/10/2011 10:40, Graeme Fowler wrote:
> On Thu, 2011-10-27 at 10:29 +0100, Colin wrote:
>> Regardless of what the warn should or should not do, it is in fact the
>> cause. When that is above the auth line things fail. When it is below,
>> it succeeds. When I change it to verify = recipient/defer_ok/callout =
>> ... then it also succeeds. There are no flags being set by that part of
>> the ACL, it is as I copied it.
> It's the use of the "require" verb. From the docs:
>
>> If all the conditions are met, control is passed to the next ACL
>> statement. If any of the conditions are not met, the ACL returns
>> “deny”
> You'll find that in Ch40:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html
>
> Graeme
>
>
Hi Graeme, thanks for the reply,
I am unsure that I follow it completely. In my understanding, the
require verify should only apply if the condition is met.
How it should behave:
If recipient domain is in /etc/staticroutes then do a recipient callout
verification. If the verification fails with a permenant error, reject
message. If the verification fails with a temporary error, accept and
queue for retry.
No recipient verification callouts should occur if the recipient is not
in /etc/staticroutes (ie the condition is not matched).
This is not what happens because recipient verification callouts are
happening (and failing) on domains not in /etc/staticroutes.
Regards,
Colin
