On Tue, 1 Oct 2002, Tom Marazita wrote:
> Hello all,
>
> I am using the following in the check_recipient acl to
> verify sender addresses:
>
> require message = Unable to verify sender address
> verify = sender/callout=30s/callout_defer_ok
>
> It works fine, and the overhead seems worth the number
> of unverifiable spam-like sender addresses that fail
> verification.
>
> Lately though I have been running into more and more improperly
> configured hosts that behave like this (this is the most latest):
>
> [root@mail]# telnet cmswww1.imr.tohoku.ac.jp 25
> Trying 130.34.224.202...
> Connected to cmswww1.imr.tohoku.ac.jp.
> Escape character is '^]'.
> 220 cmswww1.imr.tohoku.ac.jp ESMTP Sendmail 8.11.0 ready at Tue, 1 Oct 2002 23:53:29 +0900 (JST)
> helo engineering.ucsb.edu
> 250 cmswww1.imr.tohoku.ac.jp Hello mail.engr.ucsb.edu [128.111.53.8], pleased to meet you
> MAIL FROM:<>
> 553 5.7.1 <>... Domain part missing
>
> The address verification probably would have succeeded had it not been
> for their apparently non RFC821-compliant configuration. I've this occur
> with a number of different server applications in addtion to sendmail.
> Contacting the postmasters for the sites is often futile.
>
> Would it be practical to have an option on sender/callout which
> caused verification to be considered successful if the response to
> "MAIL FROM:<>" was 5xx? I realize it is not optimum, but I can't
> think of another good way to both maintain sender/callout verfication
> while accepting mail from these hosts.
So you want to accept mails from hosts that would not accept your bounces?
An empty sender indicates a bounce, so its totaly legal to use it and it
shouldn't be blocked.
Contact the admin of this machine and tell him to fix his configuration.
ciao