Rical Jasan wrote:
[snip]
> 2016-11-27 23:35:54 [7002] cwd=/var/local/spool/exim 3 args:
> /usr/local/sbin/exim -Mc 1cBGTh-0001ou-9V
> 2016-11-27 23:35:54 [7002] 1cBGTh-0001ou-9V ** user@???
> F=<Honeycutt_Otis@???> P=<Honeycutt_Otis@???>
> R=dovecot T=lmtp: LMTP error after RCPT TO:<user@???> 550 5.1.1
> <user@???> User doesn't exist: user@???
Given that the final delivery point is LMTP, I assume you are delivering
onto something like Cyrus IMAP?
In which case, your router which delivers onto the LMTP process will probably
not do local_part verification, which causes the recipient/callout to work
for any local_part.
You can verify that by doing:
exim -bt somefakelocal_part@???
(and use the addtional -d+all argument to exim if you want to see debugged
processing of that routing). I think you will find it will say that all
addresses (valid or not) are deliverable.
You can add an additional check in your acl_check_rcpt, which can validate
that a user exists for a cyrus domain with something like:
deny domains = +local_domains
!condition = ${run {/usr/sbin/mbpath -q -s user.$local_part}{true}{false}}
If you use address suffixes, you can work around it with something like:
# Get the local part minus any suffixes
warn set acl_m9 = ${sg{${lc:$local_part}}{[+-].+\$}{}}
deny domains = +local_domains
!condition = ${run {/usr/sbin/mbpath -q -s user.$acl_m9}{true}{false}}
Note, use of mbpath requires exim to have permission to read the cyrus
mailboxes.db file for this command to work properly.
Also make sure $acl_m9 is not used by some other ACL :)
Regards
D.
