On Fri, 2005-02-25 at 01:45 +0100, Cream wrote: > >accept domains = +relay_to_domains > endpass > verify = recipient > >Whats going on here? how is it verifying recipients on another server? In that case it's simply verifying that it can route messages to the other server -- it's not verifying individual recipients at all. Synchronising user lists is outside the scope of the default configuration, but the simple option is to do a callout to the primary MX to verify that the recipient actually exists. Obviously that doesn't help if the primary MX is down, but it does help with the common spammer trick of just sending crap to the backup on the basis that it's more likely to accept it. You can change the above to: accept domains = +relay_to_domains endpass verify = recipient/callout=use_sender,defer_ok Going to http://www.exim.org/exim-html-4.40/doc/html/spec.html then selecting 'V' in the Concept Index then 'verifying:address, options for' will get http://www.exim.org/exim-html-4.40/doc/html/spec_38.html#IX2434 which explains the callout options in more detail -- basically this attempts an SMTP callout to the primary MX using the same source and destination mail addresses, and rejects the incoming mail if the primary MX doesn't like the (sender,recipient) pair. If the primary is down, the defer_ok option means that it'll accept the mail and queue it. If the primary is one of the versions of Exchange which can't (or doesn't) do rejection at SMTP time properly, then the above won't help and you have to use an LDAP query for verifying addresses. See sample configuration 'C043' in the FAQ. -- dwmw2