Author: Phil Pennock Date: To: Sebastian Arcus CC: exim-users Subject: Re: [exim] Verifying local addresses for inbound emails when using
Dovecot/pipe transport
On 2017-11-29 at 22:18 +0000, Sebastian Arcus via Exim-users wrote: > Is there a way to build a router only for verification of local addresses
> for inbound messages? As far as I can tell, verify = recipient doesn't work
> when Exim delivers to Dovecot through dovecot-lda - as this always verifies
> the recipient (as long as the domain is in +local_domains) no matter what
> the local part is. I guess the only way is to construct an extra router,
> which does verification separately, maybe against a separate list of local
> addresses in a file?
Yes. Put "verify_only" on that Router, and "no_verify" on the delivery
Router, and have them adjacent in the configuration.
This is also a useful split if you have to send mail off to a smarthost
but are online and can do DNS lookups; eg "remote_dns_verify:" Router
with "same_domain_copy_routing" and "verify_only" immediately before
your "smarthost:" Router.
I'm surprised that dovecot-lda isn't verifying the recipient. You're
using it in LMTP mode right, so that Exim can talk to it? And if it's
an SMTP/LMTP Driver then you probably need to explicitly do
verify=recipient/callout in the ACL.
For myself, I deliver most mail to Cyrus and I cheat and use knowledge
of the backing filesystem layer, breaking the black box open, so I just
use one Router for delivery and verification, but it has: