On 23/07/11 07:40, Phil Pennock wrote:
On 2011-07-21 at 09:54 +0100, Tim Watts wrote:
The redirect router is less desireable as I have to handle mail I no
longer want instead of being able to reject it at SMPT time (whereby the
spammer who now has it might stop bothering me).
Err, no.
There are typically two runs through the Routers. One of them is a
"verify" run, then comes the delivery run. This is why you can tag
individual Routers with "no_verify".
Hi Phil,
Ahh - that is a fundamental fact that for some reason had escaped me.
I had not understood how verify = recipient actually worked - and
knowing there is a "dry run" though all the routers makes a big
difference to my understanding.
As long as your RCPT ACL includes a step which does
verify = recipient
then there will be a verify run through the Routers. If you've removed
this step from the RCPT ACL then I *strongly* advise putting it back, as
this is what keeps you from emitting backscatter.
So I'd have a Router along the lines of (untested):
user_blacklist:
driver = redirect
domains = +local_domains
local_part_suffix = -*
check_local_user
verify_only
allow_fail
require_files = $home/.email_blacklist
condition = ${lookup{$local_part_suffix}lsearch{$home/.email_blacklist}
{yes}{no}}
data = :fail: ${lookup{$local_part_suffix}lsearch{$home/.email_blacklist} \
{${if def:value {$value}{address invalid}}}{address invalid}}
That looks about right, applying what you said up top...
Many thanks for you help Phil,
I'll test it and try to get it clean enough to maybe put in the exim
Wiki as a recipe.
All the best,
Tim
Note that the lookup result should be cached, so in reality the file is
only scanned once.
Regards,
-Phil
--
Tim Watts
Personal Blog: http://www.dionic.net/tim/
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
