I spent an unfortunate amount of quality time with my exim config files today. I have a high spam tolerance, and I hate spam false positives with a passion, so at the moment I don’t even do any spam filtering on my home mail. I don’t get much spam at home, but it’s been escalating lately. It’s starting to get to me. But still, I don’t want to lose legitimate mails, and I don’t want to wade through spam folders looking for falsies. Might as well not filter to begin with.
So I decided to do some sender verification. Basically, this bounces messages if they come from a place that’s made up. Unfortunately this turned out to be difficult to set up, because I use a “smarthost” configuration, in Debian exim4-config terms. So all non-local mail is shipped off to Speakeasy for further handling.
To make a long story short, this meant that all of the sender verification tests were passing, because exim4 wasn’t contacting the right MX—it was just asking Speakeasy if it would accept the hypothetical mail, and Speakeasy was saying “sure!”.
So, I had to copy a new route definition from the “internet” config chunk in the default Debian config, specify that it was for sender verification only, and add a line to my smarthost route telling exim4 not to use it for sender verification. The details of how I did this are exactly the same as what’s posted here. Unfortunately I did not find this post until I’d almost solved it (with baughj help) anyway.
It seems like there is a better way to handle this in the Debian defaults, but I’m not sure yet exactly what it should be. Maybe they should just add a verification-only route to the default smarthost config.