On Sun, 2010-05-09 at 14:34 +0100, Jeremy Harris wrote:
> which means
> > (1) the final catch-all recipient needs to be verified so we don't
> > accept mail for something we can't deliver (2) that catch all could be a
> > locally routed account, a remote smtp destination (sub classes of 'by
> > ip, by hostname, by mx) (3) the per-user settings of the destination
> > catch all, which are set in the ACL's, would not be honoured potentially
> > leading to spam/viruses flowing through unchecked. As far as I
> > understand it using a router to do it means that you have accepted the
> > message at that point.
>
> Not if you do recipient-verification in your RCPT acl. That calls the
> routers.
Mmm. I'm not entirely sure how I would do this. Currently for local
recipients the RCPT acl has this to make sure my recipient is defined:
drop !recipients = ${lookup mysql{MYSQL_RCPT}}
domains = +hosted_domains
message = No such user
logwrite = RECIPIENT VERIFICATION: user $local_p...@$domain not
defined in mailusers
And for relay mailboxes:
drop domains = +hosted_domains
!verify = recipient/callout=15s,use_sender,no_cache
condition = ${if eq {$acl_m_usertype}{1}}
message = REJECTED - Unable to verify recipient exists on destination
log_message = relay recipient verification failed
My understanding of Exim is not very good yet Jeremy, so I don't fully
understand how to get that functionality into the router and then call
verify the recipient from an ACL.
--
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
