Re: [exim] Defer in warn ACL results in tempfail despite doc…

Top Page
Delete this message
Reply to this message
Author: Phil Pennock
Date:  
To: Chris Wilson
CC: exim-users
Subject: Re: [exim] Defer in warn ACL results in tempfail despite docs
On 2012-01-26 at 12:18 +0000, Chris Wilson wrote:
> # check WHOIS for domains registered by Communicado Ltd
> warn set acl_m_whois = ${run {/usr/bin/whois $sender_address_domain}}


You may want to investigate using a caching whois server, so that high
volumes of mail from the same domain don't get you blacklisted at the
whois providers. Eg, "jwhois".

Alternatively, a small daemon which listens on a socket and takes a
domain and emits the company number if found, which can maintain
clustered caches, etc, and avoid the fork/exec overhead of invoking
whois directly for spam messages.

An advantage of going the daemon route is that Exim's ${readsocket}
takes a timeout parameter and you can tune the behaviour of various
errors.


Next: note that this is a "set" on a warn statement, not a condition on
a warn statement.

Perhaps:

  warn  set acl_m_donotlikethem = no
  warn  condition = ${if match {${run {/usr/bin/whois $sender_address_domain}}}\
                               {Company number: 12345}}
        set acl_m_donotlikethem = yes
  defer condition = $acl_m_donotlikethem
        message = We do not like you


> So why is it tempfailing the message? And is there any other way to avoid
> a tempfail on a condition that results in a defer?


It's tempfailing because the command isn't in a condition and didn't
complete. Probably whois rate-limiting kicked in to throttle your query
volume (assuming you're querying the public whois servers).

-Phil