Author: Alan J. Flavell Date: To: Dave C. CC: Exim users list Subject: Re: [Exim] sender verify and null sender
On Fri, 6 Sep 2002, Dave C. wrote:
> On Fri, 6 Sep 2002, Rolando Guerra wrote:
>
> > I'm using 'sender verify', but many servers refuse connections with null
> > sender "MAIL FROM:<>"
>
> Those servers are *BROKEN*. RFC _requires_ SMTP to accept MAIL FROM:<>
[ To be pedantic: you can't refuse solely on the basis of it being
mail from:<> - you'd be justified to refuse it on other grounds -
blacklisted sender IP, non-existent addressee, content rating, etc.. ]
Some of those MTAs have even left comments in our log saying that they
refuse MAIL FROM:<> in order to prevent spam. Misguided approach!
Well, quite a number of those have landed into our local blacklist.
Maybe we should have a special message for them which tells them that
in order to prevent spam, we are unable to accept mail from MTAs that
wouldn't accept bounces.
> > what can I do for Exim to make the test with another sender like "MAIL
> > FROM:<test@???>"?
>
> Currently, afaik, you'd have to modify the source.
But that doesn't solve the fundamental problem that you would be
committing yourself to accept mail from (or at least _allegedly_ from
- we all know about counterfeit envelope-senders) a domain to which,
in the event of subsequent problems, you would be unable to send a
protocol-correct non-delivery report. That's fundamentally
unacceptable (even if one sometimes has to compromise on principles,
at least temporarily).