Michael Naef
Thu, 11 Mar 2010 11:14:53 -0800
Hi Folks Situation ========= We recently switched from "hard-SAV" (Sender Adress Verification) where we reject mails on failure to "soft-SAV" where we tag them as SAV-failed.
Motivation
==========
For our support departement it's very important to be able to see
*why* a message got taged or why not.
Details...
==========
Our hard-SAV setup was something like this:
---
mail_acl:
[..]
require verify = \
sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s
[..]
---
This lead to nice traces in the log where you can see what the
happened during the callout (even without log_message or similar):
H=(gaga) [1.1.1.1] sender verify fail for <d...@domain.ch>:
response to "RCPT TO:<d...@domain.ch>" from mail.adm.domain.ch
[2.2.2.2] was: 550 no such address here
Now we changed the mail_acl for the soft-SAV like this:
---
mail_acl:
[..]
warn !verify = \
sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s
log_message = sender verify failed: $acl_verify_message
add_header = X-Sender-verification-failed-for: $sender_address
---
According to the exim docu "40.40 Address verification" [0] the
variable $acl_verify_message "contains the error message that is
associated with the failure". Also at other places in the same
document and in various threads on other mailinglists this variable
is believed by most to contain the error string as we had it in the
hard-SAV setup above. However it does not:
---
warn !verify = \
sender/defer_ok/callout=10s,defer_ok,connect=2s,maxwait=20s,no_cache
log_message = sender verify failed: HHH: $acl_verify_message
add_header = X-Sender-verification-failed-for: $sender_address
---
>>> callout cache: disabled by no_cache
>>> interface=NULL port=25
>>> Connecting to mail.adm.domain.ch [2.2.2.2]:25 ... connected
>>> SMTP<< 220 mail.adm.domain.ch ESMTP Exim 4.69 Thu, 11 Mar
2010 19:49:09 +0100
>>> SMTP>> HELO mxin001.mail.otherdomain.ch
>>> SMTP<< 250 mail.adm.domain.ch Hello
mxin001.mail.otherdomain.ch [1.1.1.1]
>>> SMTP>> MAIL FROM:<>
>>> SMTP<< 250 OK
>>> SMTP>> RCPT TO:<d...@domain.ch>
>>> SMTP<< 550 no such address here
>>> SMTP>> QUIT
>>> ----------- end verify ------------
>>> check add_header = X-Sender-verification-failed-for:
$sender_address
>>> = X-Sender-verification-failed-for:
d...@domain.ch
>>> warn: condition test succeeded
LOG: H=(gaga) [2.2.2.2] Warning: sender verify failed: HHH: Sender
verify failed
>>> processing "accept"
You see this is not exactly what we want. I know at this place
*that* SAV failed - but I want to know *why*.
Does anybody see what I don't see?
cheers, Michael
[0] http://exim.org/exim-html-
current/doc/html/spec_html/ch40.html#SECTaddressverification
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/