On 2017-02-09 at 15:54 +0100, Marco Gaiarin wrote:
> I'm using exim on a border gateway, that then send to a smarthost (ISP smtp
> server).
>
> We have noted that if we send an email to an inexistant domain (eg,
> gaio@???), the ISP relay refuse it (450, Recipient address
> rejected: Domain not found) but exim put them on queue (temporary reject)
> and retry.
>
>
> How can force an immediate reject? I'm thinking about an ACL on my border
> gateway that reject the email checking the existance of the recipient
> domain, but i'm seeking feedback.
Does your Exim have full DNS access? You put a "verify_only" router
right before the smarthost router, which gets "no_verify".
A smarthost takes everything, so you don't want it to be used for
recipient verification. Instead, use a normal dnslookup router, which
just isn't used for routing.
Last time I had such a system, I used this; there's a separate transport
for smarthost vs direct-to-mx because I did some port override and
authentication logic in the smarthost transport, and able to use a
different smarthost for some recipient domains.
----------------------------8< exim.conf >8-----------------------------
RUNCONFDIR=/etc/exim
DIRECT_OUT_DIR=RUNCONFDIR/direct-out
hostlist rfc1918_addresses = 10.0.0.0/8 : 172.16.0.0/12 : 192.168.0.0/16
hostlist special_ipv4_bad = +rfc1918_addresses : 0.0.0.0/8 : 127.0.0.0/8 : \
169.254.0.0/16 : 192.0.2.0/24 : 198.18.0.0/15 : \
224.0.0.0/4 : 240.0.0.0/4
begin routers
direct_to_mx:
driver = dnslookup
domains = partial()dsearch;DIRECT_OUT_DIR
transport = remote_smtp
ignore_target_hosts = +special_ipv4_bad
same_domain_copy_routing
no_more
remote_dns_verify:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = +special_ipv4_bad
same_domain_copy_routing
verify_only
no_more
smarthost:
driver = manualroute
domains = ! +local_domains
transport = smarthost_smtp
ignore_target_hosts = +special_ipv4_bad
route_data = ${extract{host}{${lookup{$domain}partial()lsearch*{RUNCONFDIR/smarthosts}}}}
address_data = ${lookup{$domain}partial()lsearch*{RUNCONFDIR/smarthosts}}
same_domain_copy_routing
no_verify
no_more
----------------------------8< exim.conf >8-----------------------------