On Sun, Oct 25, 2009 at 04:25:36PM +0000, Colin wrote: > We do already have "require verify = recipient" set in the acl for > acl_smtp_rcpt however this does nothing.
Yes, that could well be the case if some other part of the ACL means that it can only get as far as "require verify = recipient" for "your" domains (i.e. the ones in /etc/staticroutes). > This works well, except it means that our relay accepts mail for spam > targetted at randomgu...@domain > > What I have been trying to do is to write an ACL that meets the > following criteria: > ... > 3) The ACL then performs a recipient callout verification. > > 4) If the destination server accepts the recipient, then the ACL is > passed and we progress onto the rest of the acls etc. If the destination > server rejects the recipient, I do not want the message accepted to the > system nor do I want to waste any more resource cycles running any other > ACLs etc. http://www.exim.org/exim-html-current/doc/html/spec_html/ch40.html#SECTcallver For example, "require verify = recipient/callout". But, as you say, make sure you only do this for your domains, i.e. where the host you're calling out to is one of your own hosts. Regards, -- Dave Evans http://djce.org.uk/ http://djce.org.uk/pgpkey
signature.asc
Description: Digital signature
-- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
