Main >> Service Configuration >> Exim Configuration Editor
I have turned off both of the checks:
(off) Verify the existance of email senders.
-and-
(off) Use callouts to verify the existance of email senders.
After I added the ACL filter list that "aussie" posted in http://forum.ev1servers.net/showthread.php?t=56608
A lot of what I think was valid mail is being rejected:
cat /var/log/exim_mainlog | grep -iw "rejected RCPT" | less
I am thinking that a lot of virtual sites out there on the net may be sending mail to my users and when exim does a reverse look up the IP may not match the sender's domainname.
For example, I could get a mail from joe@samsjunkhaul.com but the server that samsjunkhaul.com is on could be named frankshostingservice.com and that wouldn't "verify" on exim.
With the "big boys" like AOL or hotmail, the server should reverse lookup correctly, so the ACL filters should work for people trying to fake those.
So is this the correct choice?
And what was cpanel thinking when they turned this on by default?
I am not sure if there are ways to verify a virtual domain, and maybe spammers will just start using unknown domains to get around my filters.
I am also looking over the post about how to RBL http://forum.ev1servers.net/showthread.php?t=34689 but that's going to take some time to figure out.