Re: [Exim] Repeating 5xx codes..

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Dave C.
CC: exim-users
Subject: Re: [Exim] Repeating 5xx codes..
On Tue, 11 Jun 2002, Dave C. wrote:

> A host connects to me by SMTP, and does
>
> MAIL FROM: <something that fails verify>
> RCPT TO: <either a valid or invalid recipient>
>
> And gets a 5xx for the failing sender verify. It then proceeds to do
> this again, on the SAME connection, with a new recipient, but with the
> same sender. Repeat ad nauseum. exim4's rate-limiting doesnt seem to
> slow this down,


That, I think, can be classed as a bug. It appears not to be counting
MAIL commands, but to be counting incoming messages, which isn't quite
the same thing. I've noted that. A fix seems like a good idea.

> but while I'd like to allow a fairly high number of _accepted_ RCPTS,
> I'd prefer not to allow a high number of failed ones.


The problem with this is that rejecting MAIL doesn't always have any
effect; the client just tries again (often with the same sender). So you
are no better off.

> If there isn't, then perhaps a cut-off on the max number of 5xx errors
> before no more commands of any type are accepted (with the possible
> exception of DATA, if there had previously been at least one acceptable
> RCPT TO), but anything else (including a new MAIL FROM after the
> completion of a DATA command), would get a 5xx...


If you set the threshold too low you would be in danger of blocking
legitimate mail. Consider a busy mailing list with several users in your
domain, one of which goes away. You are down for several hours. When you
come back, the list server sends 100 messages to you, all in one
connection. You'll see 100 5xx codes on this connection... I think my
feeling is that a crude control like this wouldn't be very useful.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.