Hi,
Finally i found solution, i created verify_only router, which fail recipient
verification for particular remote host IP:
dnslookup_vrfy:
debug_print = "R: $router_name for $local_part@$domain"
driver = dnslookup
domains = !+local_domains : !+relay_to_domains
require_files = /CONFDIR/db/block_ipout
ignore_target_hosts = !/CONFDIR/db/block_ipout
verify_only
verify_recipient
no_verify_sender
fail_verify_recipient
Testing with -bv & -bvs shows, that it does what i want, on sender
verification and on delivery it is skipped, acts only for recipienťs
verification.
On every IP which is not in block_ipout router declines and pass
verification to next one (real dnslookup). If IP is in that list, it is
excluded (note exclamation) from ignore hosts, thus router accepts
that address = verification fails. Now ACL can reject these RCPT.
Hope that help someone else...
regards
--
Slavko
https://www.slavino.sk/
