Exim's SMTP callback feature is an even more powerful way to detect bogus sender addresses than normal sender verification. Unfortunately, lots of servers send bounce messages with a bogus address in the header, and there are plenty that send bounces with bogus envelope senders (even though they're supposed to just use an empty envelope sender for bounces).
In order to ensure that Mailman can disable/remove bouncing addresses, you generally want to receive bounces for Mailman lists, even if those bounces are themselves not bounceable. Thus, you might want to disable SMTP callback on bounce messages.
With Exim 4, you can accomplish this using something like the following in
your RCPT TO
ACL:
# Accept bounces to lists even if callbacks or other checks would fail warn message = X-WhitelistedRCPT-nohdrfromcallback: Yes condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {MAILMAN_HOME/lists/$1/config.pck}}} \ {yes}{no}} accept condition = \ ${if and {{match{$local_part}{(.*)-bounces\+.*}} \ {exists {MAILMAN_HOME/lists/$1/config.pck}}} \ {yes}{no}} # Now, check sender address with SMTP callback. deny !verify = sender/callout=90s
If you also do SMTP callbacks on header addresses, you'll want something like
this in your DATA
ACL:
deny !condition = $header_X-WhitelistedRCPT-nohdrfromcallback: !verify = header_sender/callout=90s