Bug#379155: please add an option to verify recipient first
Robert Millan
rmh at aybabtu.com
Sun Jul 23 17:37:21 UTC 2006
On Sun, Jul 23, 2006 at 03:03:26PM +0200, Marc Haber wrote:
> On Fri, Jul 21, 2006 at 08:43:05PM +0200, Robert Millan wrote:
> > Most of the message attempts I receive in my domain are spam that is addressed
> > at non-existant users. They always get rejected, of course, but not before the
> > expensive tests (sender verify, RHSBL, SPF, etc) in the middle of
> > 30_exim4-config_check_rcpt take place.
> >
> > I've read the comment that explains why recipient verification is not one of the
> > first ACLs, so I won't ask to make this default. But could at least a
> > macro-selectable option be added?
>
> I tend to think that this should be a local change done by the local
> admin. Its consequences might be complex and I'd like people to think
> and understand what they doing.
>
> On a scale from 0 to 100, I am at 40 - 50 would be needed to accept
> the patch. Arguments please ;)
Well, all I can say is that we have to keep in mind that delaying the checks
untill after RCPT is just a hack to support broken implementations. Although
this is a hack that is usualy desireable, it's still a hack, and IMHO we should
encourage users who know what they're doing to disable it.
As for distinguishing which users really know what they're doing, I think the
warning message in the docs is reasonably enough. If after reading it they
still want to enable it, any trouble they may get is entirely their problem :)
--
Robert Millan
My spam trap is honeypot at aybabtu.com. Note: this address is only intended for
spam harvesters. Writing to it will get you added to my black list.
More information about the Pkg-exim4-maintainers
mailing list