On Mon, May 23, 2011 at 5:13 AM, Graham Butler <[email protected]> wrote: > I am currently looking into adding 'require verify = sender', with no > callouts, to our Exim configuration. Unfortunately, my manager went to a > conference last week and was informed that adding 'verify sender' was not > very wise and could lead to the rejection of legitimate emails.
Add: verify = sender ..and not: verify = sender/callout Read sections 40.23 and 40.40 - 40.45 for explanations. Your manager probably things "verify=sender" is "verify with callouts". That's not what the basic verification does. With verify=sender, you get two basic checks: 1) if it's a local address that's sending, it determines this because the address (local_part and domain) exists locally. 2) If it's not local, then it must be remote and verifies that dns says the domain exists. Read those sections in Chapter 40 because there is more going on than just that. -- Regards... Todd "It is the nature of the human species to reject what is true but unpleasant and to embrace what is obviously false but comforting." "You might be a skeptic if you have pedantically argued the topic of pedantry." -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
