On Thu, 5 Sep 2002, Greg Ward wrote:
> Here's a snippet of my ACL config from such a server:
>
> acl_smtp_data = check_message
> [...]
> check_message:
> [...]
> deny !senders = :
> !verify = header_sender
> message = no valid sender address in any header line
That's wrong. What you want is
deny !senders = :
message = no valid sender address in any header line
!verify = header_sender
(or stick "message" first) because a "message" item applies to failures
that happen after it has been processed. If you put it last, it won't
have been seen before the denial happens.
> >>> dnslookup router: defer for spammer@???
> >>> message: host lookup did not complete
> >>> deny: condition test deferred
> 451 Temporary local problem - please try later
That bland wording is the default for temporary failures.
> It took me several minutes of poking around to determine just what the
> "temporary local problem" is -- and in fact, it's not a local problem at
> all!
Well, it depends on what you mean by "local". :-) It's local in the
sense that your local host can't complete routing of the address. If I
went in for anthropomorphic error messages, I might have chosen "I have
a problem in checking this address. It seems to be something that might
get fixed, so I'm giving you a temporary error code."
> Here's how Exim explains this DNS problem:
>
> $ exim -bt spammer@???
> spammer@??? cannot be resolved at this time:
> host lookup did not complete
Typical DNS timeout problem. The servers for the domain are presumably
unreachable for some reason. Not uncommon.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
