Colin wrote:
On 26/10/2011 12:38, Colin wrote:
Hi folks,
The default Exim configuration has "require verify = recipient" in
acl_check_rcpt.
I'm having problems with Outlook users where they send a message to 20
people and the smtp session for the whole message gets rejected
because one message exhibits a temporary failure. The most noteable
one is "host lookup did not complete".
I was hoping to disable recipient verification for authenticated users
on the basis that these messages would go into Exim queues, be
delivered to valid recipients and the failed ones returned when the
retry time expires.
Can anyone suggest what is needed to modify the line to do this, or
alternatively a way to prevent the whole SMTP session from being
rejected when only one recipient gets this error?
Thanks,
Colin.
Apparently something is amiss.
According to my ACL, authenticated users should not be subject to the
recipient verification.
I have this earlier in the ACL so the message should be accepted before
it gets to the recipient verification.
accept hosts = *
authenticated = *
To test, I have commented out the recipient verification from exim.conf
and restarted exim. The message still gets rejected.
I can see from my frontend server logs that the message gets rejected at
RCPT TO time so it can't be any later ACLS.
Google is not my friend on this one as trying to find anything about
"host lookup did not complete" comes back with billions of people with
misconfigured DNS. That is not my problem, I want Exim to accept
messages with temporary failures from authenticated users.
I guess another setting is required so I will keep searching...
A host lookup (of any kind..) should NOT be called for on submission
port 587.
The typical user pool will be on broadband or dial-up and have neither a
proper PTR RR nor DNS 'chain' that Exim (fairly forgiving and persistent
at 'finding a way') is able to vet as smtp-useful.
You need to grep-out that clause and modify what is around it.
Here are a couple of examples for making exceptions on a similar issue.
====
deny
condition = ${if eq{$interface_port}{25}}
!verify = reverse_host_lookup
===
deny
!condition = ${if eq{$interface_port}{587}}
!verify = reverse_host_lookup
===
Don't forget to also cast a glance at a local IP whitelists or such
BEFORE hitting anyhting as draconian as these - or as another included
!condition on hit.
May also need a 'pass' for authorized relays and DNS-less boxen, such as
file archivers ELSE their cron reports can be blocked...
Bill
--
韓家標
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
