[exim] Re: Is sender verification possible on a server that …

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Evgeniy Berdnikov
Data:  
Para: exim-users
Assunto: [exim] Re: Is sender verification possible on a server that is used as a smarthost?
On Wed, Oct 04, 2023 at 03:59:23PM +0200, Mario Emmenlauer wrote:
> So to confirm, the ACL that verifies only non-authenticated users would read:
>
>   deny
>     !acl = acl_local_deny_exceptions
>     !verify = sender
>     authenticated = *
>     message = Sender verification failed


You should revert condition, i.e. write "!authenticated = *".
And better to put it before "!verify = sender".

Additional question is what you expect from this sender verification.
If you don't care, it looks like magic, but this magic could suddenly
become contrary to your expectations. In particular, this condition
"verify=sender" only checks whether sender's address is routable,
so it protect from formally invalid addresses (with invalid syntax
or non-existent domains). This is very weak condition for internet.
I propose to study "/callout" and other options in docs (ch.46).
--
Eugene Berdnikov

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/