| This seems to be a design issue :
|
| Too inform the sender, that his attempt did not work, we have to
| reject it on SMTP level, means inside acl_check_data or a similar
| capable acl. Otherwise, we have to create a new delivery message and
| inform the sender about the "later" failure inside a router. Which
| will not work with spams as of the nature of most faked sender
| addresses.
|
| a new acl "acl_per_recipient" could solve such problems on an elegant
| way.
The problem is that this is impossible at the SMTP level.
The SMTP/ESMTP conversation goes:
MAIL FROM
RCPT TO ...
RCPT TO ...
DATA
<actual message gets sent>
(at each command an Exim ACL runs and you can send a reply, either
accepting the command, asking the sender to try again later, or
refusing it.)
The acl_smtp_data runs at the end of the DATA phase (this is the first
point where you actually have the message available). The problem is
that in the SMTP protocol you can only give a single answer to the final
'is this message data accepted' and that has a single answer code; by
its nature it applies to *all* accepted RCPT TO addresses. As Todd
Lyons says, there is no way in standard SMTP way to say 'I accept this
email for some RCPT TO addresses but not others'; you can only say '200
accepted' or '4xx temporarily deferred' or '5xx ha ha you jest no way'.
(Even with an extension to change this it will be years if not decades
before a large majority of mail servers support the extension,
especially the often old, unmaintained, and insecure sort of mail
servers that habitually get abused to send spam.)
- cks