On Wed, Oct 04, 2023 at 03:59:23PM +0200, Mario Emmenlauer wrote:
> So to confirm, the ACL that verifies only non-authenticated users would read:
>
> deny
> !acl = acl_local_deny_exceptions
> !verify = sender
> authenticated = *
> message = Sender verification failed
You should revert condition, i.e. write "!authenticated = *".
And better to put it before "!verify = sender".
Additional question is what you expect from this sender verification.
If you don't care, it looks like magic, but this magic could suddenly
become contrary to your expectations. In particular, this condition
"verify=sender" only checks whether sender's address is routable,
so it protect from formally invalid addresses (with invalid syntax
or non-existent domains). This is very weak condition for internet.
I propose to study "/callout" and other options in docs (ch.46).
--
Eugene Berdnikov
--
## subscription configuration (requires account):
##
https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at
http://www.exim.org/
## Please use the Wiki with this list -
http://wiki.exim.org/
