Re: [Exim] Re: about SMTP callback.

Top Page
Delete this message
Reply to this message
Author: James Antill
Date:  
To: Marc MERLIN
CC: Philip Hazel, exim-users
Subject: Re: [Exim] Re: about SMTP callback.
Marc MERLIN <marc_news@???> writes:

> [moving to exim-users list]
>
> On Thu, Nov 29, 2001 at 08:59:22AM +0000, Philip Hazel wrote:
> > I guess it's something to think about for the future, but all this
> > callback stuff is still relatively new and I'm still learning how it is
> > used and what is needed.
>
> Well, being a heavy user of SMTP callback, I can tell you the
> problems/features needed:
>
> - caching of positive callbacks (by far #1)
> (I do not really want caching of negative results, as I'd rather have
> people who just fixed their mail server be able to send right away)


This might be nice, the problem is that one of the benefits of
callback support is that if someone does a spam from an ISP account
and the ISP then kill that customers account then you instantly stop
getting their spam.
I guess as with all caching the big question is how long to you cache
for.

> - Being able to do an additional callback on the domain for a special
> address (like postmaster@ and optionally abuse@). My patch implements that
> by piggybacking on top of the current callback, it does a RSET, a new mail
> from: <>, and tries the 2nd address.


This is sort of pointless IMO, but I can see how some nazi mail
admins might like it :).

> - Some way to optionally not do SMTP callback if there is a certain header
> line in the message
>
> The 2nd one is important if we don't want people on mailing lists to be
> flooded with SMTP callbacks every time they post to a list.


I presume you are talking about the third point here ?

> The way this would work is that if the list server runs exim with SMTP
> callbacks, it would check the mails as they are posted, add a header saying
> that the header from has been checked, and rebroadcast to the list
> subscribers
>
> List subscribers would then be encouraged to not do callbacks if the special
> header is there.


And spammers would be encouraged to include it by default ?

I'd probably trust something like a maps RBL kind of thing, where
if a domain is on the list it means that they do callbacks (and/or do
sender_verify/headers_check_syntax/etc).
Hopefully because of the nature of a list like that they could have
massive positive expire times (and fairly large negative ones) thus
the bandwidth wouldn't be as big a problem.

The positive with that is that phil should be able to reuse the RBL
code :)

--
# James Antill -- james@???
:0:
* ^From: .*james@and\.org
/dev/null