Author: Alan J. Flavell Date: To: Derrick 'dman' Hudson CC: Exim users list Subject: Re: [Exim] Re: Re: Callbacks and bounces (exim v3)
On Mon, 1 Jul 2002, Derrick 'dman' Hudson wrote: > On Sun, Jun 30, 2002 at 12:06:53PM +0100, Matthew Byng-Maddick wrote:
> | If you'd read the thread, you'd know that this was a bounce in a header
> | line.
>
> Actually, that wasn't stated.
My apologies for not spelling it out in every detail. I had been
under the impression that my original report:
| it appears to me that aol.com were trying to send bounces
| to us, but we were refusing them on the grounds that there was no
| valid sender in the header lines.
already implied that.
> I assumed that address was the envelop
> sender since the callback was trying to verify it.
In a subsequent mail to the list I went into a bit more detail:
| In the exim (v3) configuration we have | | sender_verify = true
| headers_sender_verify = true | | and, for a shortlist of domains (including this one) we had
| callbacks enabled.
I have to admit I'm still confused as to what exactly was being
verified here and why. A colleague suggested that I should try an
exim -d 9 -bh <IP>
to see if I could find out in detail what exim was up to. But just
when it started to get exciting, exim commented that it wasn't going
to try the callback because this was a dummy run:
aol.com in sender_verify_callback_domains? yes (matched
partial-dbm;/etc/exim/callback_domains.db)
Attempting full verification using callback
... callback omitted when host testing
> | Your MTA should *NEVER* bounce to an address that only appears in
> | the header line.
>
> Agreed.
I don't see any reason to disagree. Nevertheless, the fact that
the configuration was set as it was (see above) (which for, "normal"
spam, produces useful results) was here causing the acceptance of
bounces - yes, _bounces_, that means with an envelope sender of <>
in case there is still any misunderstanding on this point - to be
blocked by our exim (v3).
> I thought the callbacks operated on the envelope only.
So why was exim (v3) trying to callback the header-from? I'm still
confused about this, sorry. (Is it any kind of inadvertent
interaction with those other verification options?)
> The envelope
> sender wasn't shown in the original post.
True. The original post said what you see quoted above: it was
about "bounces". I was under the impression that bounces,
properly-so-called, had an envelope sender of <>. Sorry for not
making that clear.