Subject: Re: [Pkg-exim4-users] ACL to verify recipients based on alias file for multiple domains

[Andreas Metzler]

On 2005-09-06 Bas Couwenberg <bas at itd.net> wrote:
> I maintain an email gateway running exim4 on Debian Sarge. It is
> configured with an alias file for each domain it accepts mail for.
[...]
> 95% of all the spam and virusses we receive are addressed to users which
> don't exist (in the alias files). So I would like to create an ACL which
> checks if the recipient addressed in an incoming mail actually exists in
> the alias file of the domain addressed before it gets forwarded to
> amavisd-new.

> I've read the documentation on ACLs at exim.org, but am not quite sure
> how I would accomplish this.

> I presume that the code needs to be placed in the file
> /etc/exim4/conf.d/acl/30_exim4-config_check_rcpt, as that seems to be
> the ACL for incoming RCPT headers, but I have no idea how to verify the
> recipients based on the alias files. I tried playing around with the
> lookup code used in the router section[1], but that didn't work.
[...]

Hello,
The default acl includes
  deny
    message = Sender verification failed
    !acl = acl_whitelist_local_deny
    !verify = sender
  .endif

which will reject and "unverifyable" RCPT. "unverifyable" means that
exim4 runs through all the routers and checks whether one of them
accepts the address.

Your problem is probably that your amavisd-new router accepts _any_
address, so address verification always succeeds. Just setting
no_verify on this router /might/ do the trick.
                cu andreas
-- 
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"