Bug#379155: please add an option to verify recipient first

Robert Millan rmh at aybabtu.com
Fri Jul 21 18:43:05 UTC 2006 

Package: exim4-config
Version: 4.62-2
Severity: wishlist
Tags: patch

Most of the message attempts I receive in my domain are spam that is addressed
at non-existant users.  They always get rejected, of course, but not before the
expensive tests (sender verify, RHSBL, SPF, etc) in the middle of
30_exim4-config_check_rcpt take place.

I've read the comment that explains why recipient verification is not one of the
first ACLs, so I won't ask to make this default.  But could at least a
macro-selectable option be added?

Patch attached.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-amd64-k8
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)

Versions of packages exim4-config depends on:
ii  adduser                       3.87       Add and remove users and groups
ii  debconf [debconf-2.0]         1.5.2      Debian configuration management sy

exim4-config recommends no packages.

-- debconf information excluded
-------------- next part --------------
Index: debian/debconf/conf.d/acl/30_exim4-config_check_rcpt
===================================================================
--- debian/debconf/conf.d/acl/30_exim4-config_check_rcpt	(revision 1506)
+++ debian/debconf/conf.d/acl/30_exim4-config_check_rcpt	(working copy)
@@ -22,10 +22,13 @@
   # MTAs and submissions from MUAs you should probably split them into two
   # lists, and handle them differently.
 
-  # Recipient verification is omitted here, because in many cases the clients
+  # Recipient verification is disabled here, because in many cases the clients
   # are dumb MUAs that don't cope well with SMTP error responses. If you are
-  # actually relaying out from MTAs, you should probably add recipient
-  # verification here.
+  # actually relaying out from MTAs, you should probably enable it.
+  .ifdef CHECK_RCPT_VERIFY_RECIPIENT_FIRST
+  deny
+    !verify = recipient
+  .endif
 
   # Note that, by putting this test before any DNS black list checks, you will
   # always accept from these hosts, even if they end up on a black list. The
@@ -278,8 +281,10 @@
 
   accept
     domains = +local_domains
+  .ifndef CHECK_RCPT_VERIFY_RECIPIENT_FIRST
     endpass
     verify = recipient
+  .endif
 
 
   # Accept if the address is in a domain for which we are an incoming relay,
@@ -287,8 +292,10 @@
 
   accept
     domains = +relay_to_domains
+  .ifndef CHECK_RCPT_VERIFY_RECIPIENT_FIRST
     endpass
     verify = recipient
+  .endif
 
 
   # Reaching the end of the ACL causes a "deny", but we might as well give

More information about the Pkg-exim4-maintainers mailing list