On 18/05/2021 10:09, Yves Goergen via Exim-users wrote:
> After reading the Exim manual on logs and ACL some more, I assume that I have to deny the DATA ACL to have the message written to the reject log and this is not possible from the DKIM ACL. Is that correct? I couldn't find that statement explicitly anywhere.
No.
http://exim.org/exim-html-current/doc/html/spec_html/ch-dkim_spf_and_dmarc.html#SECDKIM
section 3:
"If any ACL call does not accept, the message is not accepted."
Admittedly it doesn't use the word "reject", but the intent seems clear to me
that the message gets rejected. Also, per the chapter on Log Files,
the rejectlog should be getting the full set of (original) message
headers.
Alternatively you could write direct to the reject log from the
DKIM ACL, using logwrite with a log name specifier.
--
Cheers,
Jeremy