I understand that 'defer' is returned if a test cannot be completed, for example when a DNS blacklist lookup times out. But what effect does defer have on the final ACL decision? Also, what happens when I manually set the return to be 'defer' instead of 'deny', for example when looking up against a local blacklist?
Asked
Active
Viewed 2,648 times
1 Answers
1
http://www.exim.org/exim-html-current/doc/html/spec_html/ch-access_control_lists.html, 12. ACL return codes:
Except for the QUIT ACL, which does not affect the SMTP return code (see section 40.9 above), the result of running an ACL is either “accept” or “deny”, or, if some test cannot be completed (for example, if a database is down), “defer”. These results cause 2xx, 5xx, and 4xx return codes, respectively, to be used in the SMTP dialogue.
This means that "defer" indicates a temporary problem (4xx) to the sender, and "deny" means a permanent problem (5xx) and the sender should not retry. As an example for blacklists, you can use defer if you can't reach them, and deny if the host is on the blacklist. (I think this is done automatically by dnslist)
-
So essentially 'defer' still prevents the sender from successfully sending their message, but indicates that they should try again later? From the sender's point of view, the message would likely then enter their queue and attempt to be resent later? – Richard Keller Apr 30 '11 at 15:51
-
Richard: Yes, that's exactly right. – AndreasM Jun 29 '11 at 06:14