Russell Robinson wrote: > Hi, > > I've been using exim 4.43 on Centos 4 (4.8) for many years. > > I've got: > require verify = sender > > and I've assumed it's been working OK. > > Recently tested: it always succeeds - i.e. allows invalid senders.
*where* in your acl phases, are you calling it? > > This is causing major problems. > > I note a setting called: > sender_verify > > but "exim -bV" says that's an invalid config. > > The exim doco for version 4 says it should be there. > > What's the story with this? > > I tried building 4.71 on Centos, but there were too many problems. > > Updating the OS is a major task, so how can I get sender_verify to work? > Short answer is 'you cannot'. Not with enough reliability to matter. Best use is within a grouping of MTA/relays that are all part of a cooperative group - eg - single-control 'pool', or an affinity group, such as a globally distributed F/OSS software project, a body corporate, an institution - anywhere 'family members' are expected to present credentials to be allowed to pass, and the Sysadmins have agreed on how so. Doing sender verification attempts to any correspondent MTA with which you do NOT have such an expectation in-place - read 'the world at large' - will seldom get you a reliable response. ... and may get your calling MTA blacklisted for what some sysadmins consider unwelcome probes - even abuse of their resources. BTW - You should be at not less than 4.6X if 4.7X will not build for you. 4.43 is pretty stale, and there are both needful new features and bug/security fixes since it was current. Many such. HTH Bill Hacker -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
