Re: [exim] Recipient verification

Top Page
Delete this message
Reply to this message
Author: Johnnie W Adams
Date:  
To: Jeremy Harris
CC: exim-users
Subject: Re: [exim] Recipient verification
On Fri, Jan 20, 2023 at 3:12 PM Jeremy Harris via Exim-users <
exim-users@???> wrote:

> On 20/01/2023 19:50, Johnnie W Adams via Exim-users wrote:
> > Calling the ACL on all mail prevents bounces, correct?
>
> An R-verify checks routability, and (with callout) acceptability
> by the destination. If your intent is to discover nonexistent
> recipients *during SMTP reception* of a message, so that
> you can reject at SMTP time and thereby not have to generate
> a bounce - then yes, it'll do that. But you should be
> doing this check in your rcpt ACL, and it'll only cover
> messages *you* receive using SMTP (as opposed to cmdline/stdin).
>


I'm okay with that limitation.

What I'm unclear on is the full consequences of doing this on our egress
node rather than our ingress node. It seems to me--but I could be
wrong!--the worst that can happen is that the mail passes through our
ingress node, is refused at our egress node, and our ingress node has to
pass that failure back where it came from. What am I missing?

>
> Also, if done for message-submission receptions by you
> it will upset many MUAs (which have little notion that
> a message being rejected is a thing, it seems).
> So if that was your hope, you're onto a loser.



Our egress node should Never accept mail from an MUA, so that would not
worry me in the configuration I'm thinking of, but if the check must be
made at the ingress node, that would mean (I assume) I'd have to write a
more complicated ACL, because it does accept mail from MUAs.


> > As to when this is called, I would put it on our egress node, which only
> > has acl_check_rcpt. I planned to put it after that. So more like this?
> >
> > acl_check_vrfy:
>
> I'm still trying to work out your intent. Is that word "acl_check_vrfy"
> never mentioned elsewhere (in your proposed config)? If so, it will
> have no effect. ACL names are not magic.
>
> When do you want it run?



On looking again, I see that I need to put "acl_smtp_vrfy = acl_check_vrfy"
in my main configuration settings to use acl_check_vrfy in the begin acl:
section.