On Thu, 15 Jan 1998, Sherwood Botsford wrote:
>
> One of my neighbors machines picked up a spam message, with an invalid
> sender. I've got sender_verify and sender_verify_reject set.
>
> According to the manual, exim keeps a database of these, with a
> 'three strikes and your out' policy.
Not exactly. Exim remembers (for 24 hours) which sender addresses failed
to verify. The first time it sends a permanent negative response (5xx)
after receiving the message (which enables it to log the headers, etc.)
The second time it rejects the MAIL FROM command; if the host persists
in trying again with the same sender, it accepts the MAIL FROM command,
but rejects every RCPT TO command. Some MTAs appear to fail to treat
permanent negative responses as permanent errors, except in the final
case (which is the same as the "unknown user" case, so they are *very*
broken if they keep trying after that).
> In my log file it shows up like this:
> 1998-01-15 07:41:14 0xsqTp-0001W4-00 rejected from quartz.ucs.ualberta.ca [129.1
> 28.5.19]: temporarily unable to verify sender address (try again later) <Fontaso
> c@???>
>
> So it would appear that exim is not keeping this database. Is
> there another step I need to do in order to set this database up?
Since it couldn't verify the address, it didn't know whether it was
valid or not. In this circumstance it sends a temporary error code (4xx)
and does not remember anything. Temporary errors can legitimately occur
if part of the network is broken and (say) the relevant nameservers
cannot be contacted. This sort of problem can, in extreme cases, last
for days. I have just checked s2.aoci.com and any attempt to look up an
MX record for it just gives SERVFAIL from the DNS - that is, the DNS
lookup reports that some nameserver has failed.
There has been a spate of these SERVFAIL errors in the last couple of
weeks. The symptom is that a server gives SERVFAIL when it really should
give a response saying "does not exist". I don't know if some new broken
nameserver has been released onto the net, or what.
It looks as if contact with aoci.com can be made. I will mail their
hostmaster.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
--
*** Exim information can be found at
http://www.exim.org/ ***
