Re: [Exim] sender_verify_hosts and unresolvable domains

Author: Marc MERLIN
Date:  
To: Dave C.
CC: exim-users
Subject: Re: [Exim] sender_verify_hosts and unresolvable domains
On Tue, Jun 26, 2001 at 05:42:09PM -0400, Dave C. wrote:
> This setting says which HOSTS can connect and not have the sender
> verified. This doesn't say what senders don't get verified. (Eg, if you


Yep, thanks to Philip's message, I got that (sorry for not answering
Philip), your mail is on a machine that isn't reachable right now.

In a nutshell, I got confused because of sender_verify_callback_domains
which lets you say which domains not to do a callback for, whereas for
domain verification, there wasn't an equivalent option.

> Then it is a violation of RFC for any mail with an email address in that
> domain to leave your 'internal' system. The solution is to use a valid


It's not my system (if it were, I'd just fix it) :-)
BTW, I've had the argument with many other people who admin broken hosts,
and users who complained that they were not getting mail (including mail
from bugtraq) due to bad header froms, and I haven't been able to find any
RFC that says that your header from has to be good for your mail to be
accepted (Neither an RFC "must" or even a "should". Tell me if you find one)

> email address (at the very least the domain part should be valid - but
> many systems with SMTP callback configured will reject your message if
> there isn't a valid MX which would accept mail for that address)


You don't need to convince me, I know and agree :-)

BTW, note that I have often used this argument myself, but way too often
I've heard back "you are the only site that's ever bounced my mail, so you
must be some RFC nazi". Unfortunately, at least the first part is true: most
mail servers do accept mail regardless of headers.

> There is no legitimate concept of sending mail from 'nowhere', or of not
> allowing a reply (Many spammers would like to think there is, but there
> is not) (I'm not suggesting that you are spamming, however)


I think you are confused about who's sending what. I have users complaining
and pulling a lot of weight to receive messages that exim is rejecting. Exim
is right to reject them with the options it was configured with, but users
say that:
- They don't care if Caldera sends Emails with broken From: to bugtraq, they
want to receive them no matter what
- They don't care that people who don't know what they're doing set up Email
paging systems at various places with From: that do not resolve or cannot
be connected back to. They are pages that no one replies to and they want
to get them.
- They don't care that customer XYZ can't send mail with a correct header
from, they want to receive it.
Customer XYZ may have strict firewalling rules and strict policies on not
exposing some DNS zones outside, and may be willing to send you some
internal mail but is not willing to make it resolve outside (take it as
is, or get nothing)

I'm skating on thin ice here, either I manage to get some Email through, or
all checks we do will have to be disabled.
Yes, I'm a BOFH, but users have some say too :-)
That said, with Philip's suggestion, the problem has been solved. Thanks
again.

> You are working at VAlinux, yet you are using some sort of software that
> sends mail and cannot have this serious bug corrected? That seems odd.


That's correct, I'm not :-)

Marc
--
VA Linux Systems Server Sysadmin / Sourceforge mail&list master. 510 687 7061

Home page: http://marc.merlins.org/
Finger marc_f@??? for PGP key