On 2012-02-10 at 15:43 -0500, Matt X wrote:
> I'm using exim4 with a catchall router to forward mail to a java process.
> The java process users are the valid recipients. I'm trying to reduce the
> amount of spam routed to the java process by whitelisting the users in exim.
I'll answer the question as asked, which is more complicated, then
answer a simpler question which is what I think you actually want.
Taken literally, and more complex:
Add no_verify to the Router which invokes the Java process. Let's
pretend that's called "foo_catchall".
Add an "foo_catchall_whitelist" Router. Give it the "verify_only"
option.
At this point, the first Router handles emails but not ACL verification,
but the second Router handles verification but will never take messages.
The two work in concert.
You can then make foo_catchall_whitelist use a local_parts pre-condition
to implement policy. If you need to match full addresses, you can use
$local_part@$domain as a lookup key in a condition option.
Taken less literally:
If you only want certain addresses to go to the Java process, ignore
no_verify/verify_only, and just put the condition/precondition directly
on the Router which invokes the message. Why declare it to be a
catchall, when it's not really a catchall? It's "the final Router,
which handles this list of users". I suspect you've gotten trapped into
a mindset of thinking of it as a catchall because that's what it's
called, when really you don't want it to be.
Separately:
JVM startup overhead is not lightweight and you lose all the advantages
of JIT when your processes are short-lived. You *really* want to
investigate turning the Java process into a daemon which accepts
messages via LMTP and then have Exim deliver to it over LMTP. LMTP
systems don't need to worry about spooling or the like, so Exim acts as
your spooling buffer in front, and you can give per-recipient delivery
results with LMTP.
Regards,
--
https://twitter.com/syscomet