Go Back   cPanel Forums > cPanel® and WHM® (for Linux® and FreeBSD® Servers) > Mail
Exim smart relay + verification? Exim smart relay + verification?
Register FAQ Calendar Search Today's Posts Mark Forums Read

Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 07-04-2009, 08:30 AM
Registered User
  
Join Date: Jan 2007
Posts: 70
beddo is on a distinguished road
Exim smart relay + verification?
Hi there,
I've been using exim smart relays with these for a while:

Code:
static_route:
 driver = manualroute
 transport = remote_smtp_smart
 route_data = ${lookup{$domain}lsearch{/etc/staticroutes}}

remote_smtp_smart:
  driver = smtp
  port = 25
  hosts = ${lookup{$domain}lsearch{/etc/staticroutes}}
  hosts_override
This works wonderfully for a lot of our clients and cuts the spam load massively with the spam setup we have. The only limitation that is fairly obvious with this setup is that exim will accept mail for accounts that don't exist on the destination server and it will sit in the queue until it expires.

Then I got to thinking. The Cpanel/exim implementation supports sender verification callouts for incoming mail. Surely there must be some way to adapt a similar feature and have exim do a lookup on the destination server before accepting the mail.

I'm going to have a look and see if I can figure anything out myself but I have no idea where this would even start so if anyone has any pointers or has tried in the past I'd like to know what you came up with or what stopped you.

Cheers.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 10-30-2009, 07:30 PM
Registered User
  
Join Date: Jan 2007
Posts: 70
beddo is on a distinguished road
After many hours banging my head against a brick wall (not helped by a malfunctioning Exchange server used for testing) I have solved this myself.

The solution is to look for the following section in the check_recipient ACL:

Code:
#recipient verifications are required for all messages that are not sent to the local machine
                        #this was done at multiple users requests
                        require verify = recipient
After it, put in the following:
Code:
  warn
    condition = ${if eq {1}{${lookup{$domain}lsearch{/etc/staticroutes}{1}{0}}}}
    add_header = X_Staticroutes: TRUE
    require verify = recipient/callout=use_sender
Looks so simple. I don't think you actually need the add_header line but that won't cause any problems. I recommend this for everyone who is using staticroutes as it stops those rejected dictionary attacks from clogging up the mail queues. (Make sure you thoroughly test it out first though and don't blame me if anything goes wrong - it works for me!).
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« How to backup emails | Spam problem with mailnull and mailer-daemon »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads
Thread Thread Starter Forum Replies Last Post
Smart Host, Smart Route with SMTP authentication belon_cfy cPanel and WHM Discussions 0 11-02-2007 12:53 AM
smart router with verification bigdessert Mail 1 07-10-2007 10:58 PM
Smart Outbound Relay and Inbound delivery. Limo.Net cPanel Newbies 0 11-26-2006 11:37 PM
How to disbable exim sender address verification almecho cPanel and WHM Discussions 8 06-02-2006 10:23 AM
Exim might be a Open Relay CCorderoR cPanel and WHM Discussions 3 04-04-2004 09:30 PM


All times are GMT -5. The time now is 01:29 PM.


Powered by vBulletin® Version 3.8.2
Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
© cPanel Inc