I've kind of already asked this as part of the string expansion question, but
I didn't get an answer for that.
I have the standard localuser router
localuser:
driver = accept
check_local_user
transport = local_delivery
cannot_route_message = Unknown user
A large number of the SPAM emails I receive actually get this far and then
fail because the recipient doesn't exist. However, the same SPAM messages do
get through to users that do exist.
I'm looking for ideas as to how I can capture the failed emails so that I can
then use them in my SPAM filtering. This would probably involve injecting the
details into the database.
For most types of failed emails I'm looking to do something in the
acl_check_notquit: and I can manage that because of the string expansion I've
asked about before.
However, I have not managed yet to get that method to working with "Unknown
Users"
I've added the following to the localuser router:
headers_add = X-localuser: $local_part at $domain
and added the folllowing to the local_delivery transport:
headers_remove = X-localuser
The idea being that if I get to acl_check_notquit the header should exist.
However, the entry in the ACL
warn log_message = unknown user captured as $h_X-localuser
condition = ${if def:header_X-localuser: {yes}{no}}
is not putting anything into the log file, nor is it generating an error to
indicate a syntax error.
