On Tue, 2005-11-29 at 12:16 +0000, paddy wrote:
I installed qpsmtpd the other day with the intention of looking at it
from angles like thisi (when I get a round tuit), and I'm keen to learn
how other MTAs support or can be coaxed into the kind of semi-proxy
behaviour?
http://www.exim.org/exim-html-4.50/doc/html/spec_39.html#IX2587
Example at http://david.woodhou.se/eximconf/acl-recipient ...
# Deny unknown recipient at the domains for which we want to do callouts, so
we
# didn't already check them. For real senders we use defer_ok; for bounces we
# don't. We can do callouts even for mailman domains now because we use the
# 'use_sender' option.
deny domains = +relay_domains : +dns_virtual_domains
!senders = :
!recipients = @@lsearch;CLUSTER/verify-except-recipients
!verify =
recipient/defer_ok/callout=20s,random,defer_ok,use_sender
deny domains = +relay_domains : +dns_virtual_domains
senders = :
!recipients = @@lsearch;CLUSTER/verify-except-recipients
!verify = recipient/callout=20s,random,use_sender
For mail destined to domains for which we're backup MX (relay_domains),
or to the virtual domains (which are mostly forwarded elsewhere), this
does an SMTP callout to verify the recipient.
I choose to handle this differently for bounces and non-bounces. For
non-bounces, I accept the mail even if the primary MX is unreachable
(that's the defer_ok option). For bounces, I don't.
The use_sender option means that we do the callout using the same sender
as in the original message; otherwise it would use MAIL FROM:<>, which
would sometimes give a false negative. Mailing lists in particular tend
to refuse MAIL FROM:<>, as do addresses protected by SES/BATV.
The random option is just an optimisation -- if the recipient accepts
_any_ localpart, we just cache that information and don't bother to do
callouts again for that domain.
--
dwmw2
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com